Much has been made in recent times of the benefits that can be derived from cloud computing. In fact the speed of growth in use of “the cloud” has been one of the major factors in the IT industry for most of the last decade. But how safe is cloud computing?
Traditionally a profession that has adopted a cautious approach to new technologies, the legal sector are showing increasing signs of understanding the financial and operational benefits of using the cloud as a resource for managing different types of information. The Solicitors Regulation Authority has highlighted this in recent publications, expressing the view that “Cloud computing is continuing to increase in popularity, with low cost and flexibility the key advantages. Cloud users do not have to maintain their own data storage or multiple site licenses for software. The cloud works out cheaper than direct data and program storage, and permits true mobile working with no need for data sticks or email transmission of files, both of which are key risks for data loss. Email is not inherently secure, while data sticks are easily lost and provide ready systems access for virus programs.”
However, there are of course risks. The SRA also points out that when a cloud-based service is implemented, control of data is effectively handed over to a third party service provider, and the ability of that provider to protect confidential information can represent an area of risk. Careful selection of the cloud system provider can effectively mitigate this risk, as there are very wide variations in the level of security that different companies offer.
Safe4 Information Management have made major investments in ensuring that the security of their customers’ data is given the highest possible priority. This is reflected in the way Safe4 have addressed the issues raised by the SRA. The measures Safe4 have taken include such key areas as ensuring that all data is held in ISO-27001 approved data centres in the UK, confidential information is never transmitted by email, all stored data is encrypted using highly secure ciphers, and that all contractual engagements are undertaken according to English law. Rigorous penetration tests, carried out by independent UK Government-certified agencies, also ensure that any areas of vulnerability caused by new internet threats are addressed as a matter of urgency.
The SRA also points out that “sound cloud computing providers offer better encryption and security than would be possible for a small or medium-sized solicitors’ practice storing its data locally.” Due diligence applied in the selection of the cloud service provider can help to bring the law firm the financial and operational benefits of this highly effective resource while making sure that its stored information is given the maximum protection possible.
The views of the SRA are echoed by the Law Society, which has also published guidance for law firms wishing to use the cloud.
A number of law firms in the UK have for some time been making use of the highly secure document delivery and storage service offered by Safe4 to share confidential information with their clients and other external parties. One law firm in Leeds is now in the process of introducing the use of Safe4 as a direct result of the way the SRA guidance has been interpreted and implemented.
For more information on how using Safe4 can benefit your law firm, please get in touch. We will be very pleased to assist you.
Ben Martin is a Director and founder of Safe4 Information Management