In the September/October 2011issue of The Pennsylvania Lawyer, published by the Pennsylvania Bar Association, practicing attorney and technology consultant Shannon Brown provides a very thoughtful and informative primer on the “why’s and wherefores” of cloud computing, particularly in regard to document management and confidentiality. His article offers some important background for attorneys attempting to understand the “alphabet soup” of current cloud computing terminology.
He also outlines why it is important for attorneys to understand some of the risks associated with cloud computing, and how to mitigate those risks to insure compliance with various judicial opinions on the topic. Specifically, he cites Ethics Informal Opinion (2010-060, 1/10/2011) of the PA Bar Association’s Committee on Legal Ethics and Professional Responsibility, which states that attorneys may ethically allow client confidential material to be stored ‘in the cloud’ “…provided the attorney makes reasonable efforts to assure that the material is confidential.”
As Brown states, any attorney contemplating a cloud-based storage solution will need to understand what constitutes “reasonable efforts” regarding the confidentiality of data stored. To help with this determination, the author suggests three areas for attorneys to probe carefully before committing to the cloud. They are:
- · Data encryption practices adopted by the vendor
- · Awareness of the physical storage location of the data itself
- · Procedures for disaster recovery of data made available by the vendor
There are many “cloud-based” document management applications floating around in the ether these days, some of them free, some of them fee-based. Many attorneys have weighed in on TechnoLawyer about the pros and cons of DropBox, Box.Net, Sharefile, and a host of other document storage solutions.
As a cautionary tale, this month’s issue of The Atlantic features a story by James Fallows about “cloud security” that was inspired by his wife’s recent experience of having her Google gmail account hacked. In the article Fallows mentions that, according to one Google source, gmail accounts are hacked on average about one thousand times per day. So warnings about the potential perils of cloud-based document storage are not by-products of a paranoid imagination; the peril is real, and it happens on a daily basis.
Attorneys need to pay even more careful attention to these concerns, given the ethical issues that come into play regarding client documents. How does your cloud-based document storage solution stack up against these three criteria?
Eastern Legal Systems enthusiastically supports NetDocuments as the “safe choice” for document storage in the cloud, because it appears to do rather well in responding to these three crucial categories.
All documents sent to and from NetDocuments use secure SSL protocols with 128 bit encryption keys, and all documents stored on the NetDocuments servers are fully encrypted. Multiple additional technical and procedural safeguards are in place to insure that your documents are available only to you and to those with whom you choose to share them.
NetDocuments servers are located exclusively in the U.S., and are constantly being replicated between two secure hosting centers, insuring continuity of access. In the event of a disaster at one site, access to the replicated site is instantaneous and transparent to the user.
So, all of you Pennsylvania lawyers out there (and the rest of you, as well), rest easy knowing that NetDocuments fully complies with the standards as currently defined by your Committee on Legal Ethics and Professional Responsibility, and as further explicated by a practicing attorney who is also a knowledgeable technology professional.
The cloud can indeed be a dangerous place. Perform your due diligence accordingly when evaluating cloud-based document storage.
Jack Schaller has been active in the field of law office technology since 1989, and has worked with a variety of commercial accounting, legal billing, practice management, and document management software products during his twenty plus years in the software consulting field. During his tenure as a software consultant he has garnered many sales and service awards for his work with legal software products. Jack is a frequent presenter at legal conferences and seminars, and is a regular contributor to TechnoLawyer and other technology publications.