Cloud computing has become a huge part of most people’s lives as well as an integral part of many businesses, including those in the legal industry. Cloud technology allows you to store your data in a single location and access that data from wherever you are. Applications such as Google Docs and Dropbox are forms of cloud computing. This technology has made it easy to streamline many things in the legal industry, but it also poses some unique ethical problems.


One of the rules that lawyers must follow is that they must keep all information about their clients safe by any reasonable measure. As cloud technology involves storing data in a third- party location that is not under the control of the individual lawyer or firm, there is a chance that data could be stolen, leaked, or seen by someone other than the client and the attorney. Most cloud computing service providers have high levels of security in place but the risk is still there.

There is no doubt that cloud technology is helpful and important to the legal industry, but there are some extra precautions you need to take to make sure you safeguard all company data and files. Cloud computing opens many doors for lawyers and others in the legal profession but must be treated with caution.

Protecting Client Information: Physically and Technologically

Cloud computing services are not inherently insecure nor are they fortresses that can’t be breached. They do offer some degree of security due to constant monitoring, but that doesn’t mean this is the case for every provider. This means you need to make sure you do your research on any provider you choose.


Physical Protection

The best place to start is the physical location of the provider. A provider’s facility is where many data breaches and hacks can occur, so you need to look at the facility. If you can physically visit the premises this is advisable and when you do look out for the following:

In general, you want to make sure the facility that will manage your sensitive information is as secure as possible. If a provider isn’t comfortable with you viewing their facilities, that should be a big red flag, and you should stay clear of their services. A reliable cloud service provider will have no problem letting you tour the facility and ask questions about their security measures.

  • icon
    An alarm system of some kind that will accurately alert staff to break-ins.
  • icon
    Visitors are escorted the entire time they are on the premises and aren’t allowed into restricted areas no matter what.
  • icon
    Controlled access points require authorized personnel only, and there is some system (electronic card key) that monitors this.
  • icon
    Video surveillance of the facility as well as security during non-office hours.
  • icon
    A certain amount of privacy in each workspace so data and information can’t be easily seen by other workers.

Technological Protection

Even if your service provider’s facility is secure, they might not have the technological protection to ward off a data hack or breach. Therefore, you also need to make sure there are certain practices and safety features in place before you use any provider. These are just a few of the things you should look for:

These are just a few of the features you should look for when it comes to a cloud provider. Overall, you want a provider that will work with you and provide multiple layers of protection and plans of action, so your information is as secure as possible.

Additional Precautions

In addition to all the possible security features a provider has, you need to make sure your law firm is as secure as possible. Often, data breaches or hacks occur right in your office, and they can easily be prevented. Employ some of the same measures your provider uses and require authorized use of the Cloud whether that is with a password and username or prohibiting access to the office network via anything but approved or office-based devices.

You can also use vulnerability identification and penetration testing to check your network for security failures or problems regularly. Usually your cloud software provider will be able to handle these types of tests, but make sure you check on them to see that they are running regularly.


Breach Detection and Incident Response

Even if you take all precautions to safeguard against a hack or breach, that doesn’t mean one won’t happen. Breach detection and incident response are two key components to any cloud providers’ services, and both should be top notch. The faster your network detects a violation, the sooner you can work to secure all data.

Cloud technology is amazing and allows lawyers to do their job easier and with greater accuracy, but there are certain precautions everyone needs to take to protect all information to the best of your ability.