The Cloud Provides Law Firms a Safe Place to Work


The lifeblood of the legal industry was once paper, but today, though paper still plays a role, most legal content is stored digitally, and IT teams have facilitated this transition by building and implementing on-premises systems.

These systems have served law firms well, but there are good reasons for large and small law firms to consider moving to the cloud. Today’s pressure comes from supporting remote collaboration, mobile working and the change in working practices, employee and client expectations resulting from the pandemic.

There are also often cited commercial benefits of moving to the cloud that makes up the business case; the opportunity to deliver more predictable and manageable costs, lower overheads and having less complexity to manage. Plus, a stretched IT team can focus on adding differentiation, value to the firm and its clients rather than maintaining standard tools.

But due to the sensitive nature of the content in those systems, the well-established, highly regulated working practices, law firms typically take a conservative approach to realize these benefits, citing security and governance concerns. Reflecting this, many legal IT departments have maintained their on-premises IT systems rather than leveraging cloud solutions for document sharing and workflow.

However, while moving to the cloud may come with some risks, this article argues that continuing with an on-premises IT system could be riskier.

Legal Work Has Changed

The pandemic has disrupted how work is done in almost every industry, described by many as an acceleration of a digital transformation that had previously been slowly changing the way work is done.

It has triggered an explosive change in the technology sector. Legal, healthcare and government organizations running ageing IT systems have been given an opportunity to leapfrog and drastically modernize IT and working practice.

The legal sector has felt this particularly keenly, suddenly finding that every aspect of their business from client communication, team collaboration, to how courts function change. Traditional working practices, that have been established over many decades, have been disrupted.

Lawyers and legal staff have been forced to work from home offices, spare bedrooms and coffee shops and have discovered a more flexible way to balance their lives. And, as the world emerges from the tightest grip of the pandemic, these working practices, both internally for the employee experience and how clients would like to collaborate have now become the expected norm, it’s unrealistic to plan for a return to how we worked in 2019.

Some Risks Have Emerged

The move to remote, from having not just the systems on-premises, but the people too, has created an increase in exposure to risk in the form of data loss, cyber threats, non-compliance, and the unintended disclosure of confidential client information.

While enabling remote working, IT teams have discovered that while their core systems, like their document management system, are managed and hosted on-premises, the tools of the remote worker, being adopted by their legal colleagues to enable remote collaboration, video conferencing, messaging, and sharing are already in the cloud. Sensitive information is already flowing through them. The challenge is to address the need to support remote working practices and access to information while managing the increased inherent risk.

Increased Sensitivity About Security

This is all happening in an environment of heightened awareness and sensitivity around data security, with high profile data breaches and ransomware attacks, clients are taking a keener interest in how firms protect their data and are using this as criteria for choosing which firms to work him.

Therefore, IT teams in law firms have had to mobilize to enable remote work within a unique security and governance environment that protects client information and provides this reassurance. The standard three or five-year timeline of refreshing IT systems and operations have, in many cases, been drastically accelerated to complete the same work almost immediately.

Is On-Premises IT More Secure?

It would be natural to assume that a system closely controlled by IT in an environment they manage on-premises is more secure. However, there is nothing to technically support that assumption.

Secure cloud providers support operational and security certifications like ISO 27001, HIPAA, SAS 70 Type II, NIST 800-53 and encryption, which most on-premises systems would struggle to achieve.

Specialist enterprise-grade cloud services that sell to regulated and compliant sectors such as legal, healthcare and government invest in engineering every aspect of their services to be highly secure, designing their platforms to demonstrate that. In order to be a viable vendor in this category, they meet the most extreme security and compliance needs. Most on-premises IT departments do not have the time or these resources and are limited to focusing on the basics.

Adherence to these security standards is important, as the security of data and files is also determined by how accessible the data is. Remote workers focused on trying to complete their work in this new environment, are not cyber security experts, and in attempting to access on-premises files and data, to continue their work are often finding workarounds, presenting a risk outside the IT departments four walls. Therefore, the tools provided should be highly secure to mitigate this risk.

Is Moving to the Cloud a Security No-Brainer?

Moving to the cloud can make a law firms data much more secure than it is today. However, cloud platforms are not inherently secure and all equal, lower-cost or more generic consumer-based cloud services do not meet the standards discussed in this article. They are inexpensive and easy to adopt for a reason.

Therefore, creating the business case and choosing a cloud platform to support the work of a law firm; the secure management of documents, emails, remote collaboration across multiple devices, requires some due diligence. Law firms need to ensure that the platform vendor truly meet these high-security standards, that data is encrypted, and the system is engineered and certified as fully compliant with the strictest of standards.


Aside from the much-documented commercial benefits of predictable costs, the benefits to IT or moving out from the mundane tasks of system maintenance to delivering innovation, while the cloud platform takes care of system availability, a move to the cloud can deliver security and governance benefits.

For the General Counsel, CIO and CISO a move to the cloud can deliver improved security and resilience against cyberattacks. While end-users are provided with a safe place to work, the way they now want to, remotely and across multiple devices.

iManage in the Cloud

The iManage Cloud platform meets these stringent requirements for secure document and email management, enabling law firms to provide a secure environment that also meets their employees and client’s expectations for flexibly, remote work.

To support the move to the cloud, iManage offers proven tools, partners, and processes that have helped more than 1,300 customers transition to the Cloud. Using detailed migration methodologies, incorporating best practices, the iManage Cloud Onboarding package utilizes persona-based content to drive user adoption and engagement throughout the entire journey. A program that is supported by an ecosystem of more than 50 experienced implementation partners to support the process.

Find out more:


Check Also

What Lawyers Need to Know About Double Billing

Billable hours are the lifeblood of profitability for lawyers, but they represent only a fraction …