Strategic Planning for Cloud Adoption

By Christopher Zegers
 
Recent breakthroughs with cloud and artificial intelligence should be closely followed by law firms.  With a plethora of new players in the space, the opportunity for law firms to align their business strategies with technology is greater now than ever.  However, choosing the right suite of technologies is no simple task.  Before being told what you need by vendors, determine what you want to do better through thoughtful, guided discussions with other law firm leaders and practitioners.  This article offers strategies to engage with your colleagues and what to consider when you have their attention.
 
Evaluation
When faced with the inevitable technology upgrades that keep businesses running, we often follow the path of least resistance.  We stay with the incumbent vendor, secure in the knowledge of their strengths and weaknesses, and the level to which our expectations will be met.  We upgrade, secure in avoiding data migrations, training and process changes.  Moving to the cloud requires substantial effort, even when staying with an incumbent vendor.  Because it will undoubtedly affect how your employees perform their work, it is the best time to assess and identify how to improve your business practices, as the answers and requirements that come out of this assessment will drive you towards successfully selecting the right software.
 
When evaluating and benchmarking software against functional requirements identified and gleaned from in-depth interviews with law firm constituents, it is helpful to delineate between functional requirements (business tasks and processes) and non-functional requirements that must be met by the vendor, particularly their security posture and underlying technical platform.  It’s also important to assess each vendor’s position in the marketplace to understand their financial standing, long-term viability, potential for acquisition and product roadmap.
 
Selection
A successful software selection process entails comprehensive requirements-gathering that generates a list of features, functionalities, need, and wants against which each product is benchmarked.  Those vendors closest to meeting the functional and non-functional requirements will love the opportunity to demonstrate how useful their product can be for your law firm.  You should not let them do this because they don’t know your law firm.  They know how their product works best and will present that to you, when what you need to see is if their product will do what you need it to do best.  With the knowledge you’ve developed about your law firm, you can direct the product demonstrations, focusing on what’s most important to you and saving time from superfluous information that can distract an audience and derail a demonstration.
 

Whether you take a formal RFP approach or not, the time and effort needed to prepare for and engage in software selection should not be underestimated.  Time, resources and costs should be allocated for requirements-gathering, benchmarking and negotiations.  It is critical to understand every detail of a contact to manage risk, ensure no hidden costs and ensure data ownership and portability.  Having laid the groundwork above, successful implementation is more likely because you have the details for which you can hold your vendor accountable.

Data Management
Moving to the cloud is also the best time to re-evaluate and enhance your data management practices.  There are countless ways in which proper data management will enhance your business practices and strategies.  When data is governed properly, actionable information and institutional knowledge can improve your work product and client service.
 
From a security perspective, data should be managed according to the principle of least-privileged access, by which only those who need access to data have it, and for only the amount of time necessary.  Data management practices must be enforced by policies, procedures and training.
 
Putting your data in the cloud does not preclude you from ensuring that access rights are assigned properly, and private data is not unintentionally configured for public access.  This is an ongoing effort that requires scheduled audits to ensure policy and procedure compliance and identify training and process-improvement needs.
 
Agreements and Insurances
Negotiating a cloud contract properly involves more considerations than traditional technology services.  Even with news-making outages of Microsoft, Amazon and Google, consumers often consider clouds to be fully redundant.  Purely from a risk perspective, it is best to know everything that can go wrong up front.  Vendors should be pressed to provide the instances where outages or failures may occur.
 
It is critical to ensure that you retain ownership of the data and metadata stored in the cloud service and a clearly defined method exists for migrating the data into an externally recognizable format, e.g., Structured Query Language (SQL).  If your vendor stores protected health information (PHI), it is important that you have executed a business associate agreement (BAA) with them.
 
It is also important to clarify to what, if any, extent do vendor engineers and support specialists have access to your data and under what circumstances.  Also ensure that you are indemnified of any data breaches or loss that result in vendor errors, product vulnerabilities or defects.  And, finally, your vendors should have cyber insurance, inclusive of coverage for the trending tactic of social engineering of vendor staff.
 
Conclusion
Going to the cloud has never been an easier decision.  Getting on the cloud is more complicated, but it’s the best opportunity law firms have had since Y2K to re-evaluate their business processes and develop strategies that can be achieved in part through the proper use of emerging technologies.
 
Christopher Zegers is the Director of Consulting – Legal for Ivionics.  Chris is responsible for providing Ivionics’ law firm and corporate legal department clients with legal operations management consulting, capitalizing on proven process management principles and a team of legal tech, development, infrastructure, cloud and security experts to help legal teams exceed client expectations and generate consistent, high-quality products and services.  He may be reached at [email protected].
Share this post: