Attorneys and law firms regularly access highly sensitive and confidential information about their clients. It’s therefore their responsibility to ensure it remains private, making document security a high priority for every law firm. Fears of data breaches and hacking have prevented law firms and lawyers alike from embracing cloud-based storage and sharing options, such as Google’s cloud computing software, G Suite—which includes word processing program Google Docs.
While law firms can take advantage of G Suite in numerous ways, it is important to weigh the security risks of storing highly sensitive information in a cloud that’s not locally managed.
IS THE G SUITE SUITABLE FOR USE BY LAW FIRMS?
How Lawyers Can Utilize G Suite
Google’s G Suite entices law firms with many appealing benefits, such as its wide range of cloud-based solutions that can help employees work smarter and more efficiently. These enable firms to cost-effectively store documents, share files, and collaborate on one centralized platform.
With G Suite, law firms can:
- Manage and organize emails via Gmail
- Simultaneously collaborate on documents with Google Docs
- Create a consistent legal document template
- Review and edit documents anywhere, from any device
- Manage team calendars
Those are just several ways firms can utilize Google’s G Suite platform. It’s also helpful, however, to research and weigh safe practices before making such a switch.
How Do Different Jurisdictions Feel About the Ethics Behind Cloud Computing?
The nonprofit American Bar Association has reported that 19 states have commented on the use of cloud-computing, deciding a resounding “Yes,” states can store client files in the cloud—with “reasonable care.” While the exact meaning of this varies from jurisdiction to jurisdiction, New York’s specific requirements are as follows:
- “Vendor must have an enforceable obligation to preserve confidentiality and security, and should notify lawyer if served with process for client data.”
- “Use available technology to guard against foreseeable attempts to infiltrate data.”
- “Investigate vendor security practices and periodically review to be sure they remain up-to-date.”
- “Investigate any potential security breaches or lapses by vendor to ensure client data was not compromised.”
These important stipulations ensure firms adopt the proper security measures and stay updated, to protect sensitive data from breaches and hacks. This isn’t simply for firms’ reputations, however. It’s also become important to clients—who are becoming increasingly concerned about the security of their information.
According to the American Bar Association’s 2016 TECHREPORT—which combines data from its annual Legal Technology Survey Report with expert analysis, predictions and observations from legal technology field leaders—30.7 percent of all law firms, and 62.8 percent of firms of 500 lawyers or more, reported that current or potential clients provided them with security requirements.
G Suite Security Concerns
While G Suite can help law firms work more effectively and efficiently, there are still security concerns, explains Adam Schwam, CEO of Sandwire, a full-service IT provider located on Long Island.
“Law firms can use Google Docs, just like law firms can use Microsoft Office 365 in the cloud,” he says. “It has a secure platform, but as any platform that’s in the cloud, since it is not locally managed, it may be susceptible to infiltration.”
Since Google’s G Suite is a cloud-based service, it doesn’t require users to download software onto their computers. Rather, web browsers provide all the access—meaning confidential files are stored on a server in another location.
This introduces another concern, continues Sandwire’s Adam Schwam.
“Since they [Google] manage the security for the most part, usernames and passwords can much easier be compromised on a personal machine that’s on the cloud that’s not managed by an IT professional,” he says.
Confidential information, such as clients’ social security numbers, for example, can therefore be compromised more easily.
Keeping Your Clients’ Information Protected in G Suite
While it may seem, perhaps, that your firm is immune to hacking, this sinister crime is becoming more and more common than ever before. According to an article in the American Bar Association’s monthly trade magazine ABA Journal, Alexandria, Va.-based cybersecurity firm Mandiant estimated at least 80 of the 100 biggest firms in the country, by revenue, have been hacked since 2011—making cybersecurity a top concern for law firms, of all sizes.
While every law firm should take measures to safely use the cloud to prevent a data breach, developing a data backup and recovery plan is also paramount.. Yet, adds the ABA’s aforementioned TECHREPORT, only 17.1 percent of all law firms had an incident response plan in place to address a security breach.