Is cloud computing right for your firm?
Cloud computing is often heralded as the Holy Grail for law firms looking for IT systems that are both robust yet flexible, says Ian Wimbush, Chairman of the Legal Software Suppliers Association. But what benefits can it really offer?
According to its supporters, cloud computing is the most exciting trend to come out of the IT industry for a while now. Not only that, but the numerous benefits associated with accessing a firm’s data and/or applications via the Internet – otherwise known as ‘the cloud’ – are routinely reported by the media as well.
Because it is a relatively new concept, let’s define our terms carefully from the start. According to The National Institute of Standards and Technology (NIST), “Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
Although some law firms remain sceptical over the use of ‘off-site’ applications and question whether cloud computing will ever replace traditional in-house IT systems, several of our members of the Legal Software Suppliers Association (LSSA) are confident that cloud computing can keep data more secure and more easily accessible for a wide variety of law firms.
Key benefits of cloud computing
Several LSSA members are currently working with law firms that are storing and accessing data via the cloud. LSSA member Quill Pinpoint, for example, provides its clients with cloud-hosted legal accounts, document management and outsourced legal cashiering services.
“As a hosted service provider, we believe that it’s very easy to demonstrate the benefits of cloud computing for almost any kind of back office or front office function,” says Peter Dye from Quill Pinpoint. “In our view, the key advantages of this model include greater efficiency, mobility and cost effectiveness, not to mention substantial business continuity and disaster recovery solutions.”
The potential to reduce a firm’s expenditure on computer hardware is another compelling argument for cloud computing. With a traditional IT set-up, the purchase of a database server is quite often required, as well as a Microsoft Exchange Server (or similar) for email. Any costs related to installation, maintenance and support typically come on top of these initial expenses. In addition, most firms will need to either upgrade or replace at least some of this hardware every three years, again at a considerable cost.
For Peter Baverstock at PEAPOD Legal, another LSSA member, this is an important issue to consider.
“Without a doubt, one of the main advantages of a cloud-based approach is that server hardware operating systems are not required,” he says. “Plus, as Microsoft now offers a hosted version of MS Exchange (which most people use for emails), it’s now possible to eliminate the need for an on-site Exchange server completely, which helps to save hard cash in terms of both support and infrastructure upgrades, not to mention the physical space required to house it.”
With cloud computing, all that’s needed is a PC with connection to the Internet. At the same time, any existing hardware infrastructure may still be used, which means that new life can be breathed into this investment by removing any mission critical applications (such as accounts, time recording and case management) and therefore alleviating the strain that’s placed upon it, so that it will last longer and give a greater return on investment.
Smaller firms embrace the cloud
Cloud computing has proven to be especially popular with smaller firms, as the speed and cost of implementation can be much lower than those involved with a traditional IT infrastructure.
For these smaller firms, scalability is another plus when it comes to cloud computing, since additional users / licences (or even offices) can be added to a cloud-based solution easily, without the need for additional hardware, local installation and set up. This same benefit applies when software needs to be updated. With the cloud computing model, all of the responsibility for software updates lies with the vendor.
“Before, software updates had to be sent out by disk and then manually applied, and therefore often caused problems during installation,” says Matthew Lancaster from LSSA member Osprey. “But with cloud computing, upgrades are applied centrally, meaning no involvement from the client, and no support issues in applying upgrades, as they are all done centrally. Fee-earners simply need to log on, and they will automatically be using the very latest version of the software: no disks to install, no errors due to the install not working because of your particular IT set-up, and quicker upgrades due to less testing required, as the software will be used in just one environment.”
Cloud computing also makes remote access easier, as the firm’s software and data are available from anywhere via a simple Internet connection, whether access is needed by multiple offices, from employees working at home, or the need for one-off remote access.
Downtime and disaster recovery
One of the main arguments made by proponents of cloud computing deals with downtime and disaster recovery. With data held in the cloud, many vendors now offer SLA guarantees that there will be no downtime (nor related costs), since cloud-based systems are now often hosted over multiple datacenters, linked by a secondary broadband connection.
Along similar lines, firms using cloud computing model can simply log onto the service from an alternative location, in the event of a disaster like a fire or flood, without any loss of data.
“The cost of downtime can cause serious problems for firms with a traditional IT set-up,” according to Matthew Lancaster at Osprey. “There are a million and one things that can go wrong with a server and downtime could be lengthy, not to mention the issue of cost: the unexpected cost of replacing the server, the cost of being without a working system and access to accounts, time and case management records, and the cost of having the new server installed and configured. Many points of failure within a local server/network could result in significant periods of downtime, potentially considerable costs to repair/replace expensive IT equipment, and possibly even the total loss of the data itself.”
Security in the cloud
For all of these positives, a common concern raised by ‘anti-cloud’ critics relates to security. But is it really any more or less secure to access documents via the cloud than from the firm’s own server?
Proponents argue that cloud computing vendors will often have much tighter security than the average law firm, and PEAPOD Legal’s Peter Baverstock agrees.
“I would suggest that storing data in the cloud is far safer than an on-premise server that could be open to attacks, especially when trying to configure client accessability,” he says. “Certainly, all the major players can afford the most up to date security in both software and hardware, with Microsoft spending 3.2$Billion on their cloud infrastructure.” That is why Peapod have chosen MS Azure as their secure cloud solutions for PRINTAForm OnLine, combining this with MYCase for documents and forms storage providing client information interchange 24/7.
Matthew Lancaster from Osprey shares this same view. He actually believes that security is more secure with cloud computing, due to economies of scale and the fact that data is held centrally at secure anonymous locations that are manned by experts 24/7.
Osprey has only offered cloud computing solutions for seven years now, and therefore fully believes that this model is the best solution for law firms. Its Osprey.tm web-based Practice Management System is now used by hundreds of law firms.
“With a traditional IT infrastructure, firms are totally dependent on the quality of their local firewall and the availability of the manpower needed to monitor any suspicious activity,” Matthew Lancaster says. “Not only that, but what about if there is a burglary and the firm’s actual hardware is stolen? The security repercussions of an event like that would be disastrous.”
Even so, that doesn’t mean that firms should take tight security as a given. On this point, it is important to ask the vendor some questions to determine what security the company has in place. The ISO27001-2005 standard has been around for some time to cover the data and physical side of security.
“Security best practices are required as they would be for any data wherever it is stored, and so it’s important to make sure that these controls are in place, no matter which vendor and model you are working with,” adds Quill Pinpoint’s Peter Dye. “In particular, it is very important to ensure that not only the transmission of data across the Internet is encrypted, but that the physical storage in the cloud is encrypted as well, and so this would be an important point to raise with a prospective supplier of cloud-based services.”
As anywhere/anytime/any device access to important business data continues to gather momentum, cloud computing supporters argue that the whole idea of ‘your computer’ is slipping away, and being replaced with ‘your data’. In other words, proponents of this technology claim that those working in the legal sector (and beyond) should be able to get at their data from any computer, laptop, PDA, phone and so on, whenever and wherever they choose.
“An eminent professor was quoted in the 70’s as saying that computing should be supplied just like a public utility, such as electricity,” says Peter Baverstock from PEAPOD LegalOffice. “Although I don’t think we’re quite there yet, I can see the potential for that kind of model. For law firms in particular, the main focus of daily activity should be on the quality and the efficiency of the service provided. When you look at it that way, why should a law firm be worrying about things like hardware and IT infrastructure?”
“There is no replacement for the Internet in the works, and so the cloud computing model is here to stay, especially as development of traditional IT systems is considerably limited in comparison to what can be achieved with web-based systems,” adds Matthew Lancaster from Osprey. “Having said that, it’s very important to understand that there are many different types of cloud computing – from a single server dialed in to a full set of mirrored data centres! Both are cloud computing, and yet very different beasts. As such, it’s inevitable that traditional systems will be replaced by Internet-based applications, which means that an upgrade to these systems (and the associated data conversion and re-training) are all on the horizon for sure. It’s not a question of if firms will move to this model, but more a question of which firms will be the early adopters who decide to stand up and take the lead.”