In 2017, only 1% of French law firms had a secure client space1. A secure client space is a password-protected online interface in which two or more partners can share messages and documents.
In addition to the lack of a collaborative tool for interacting with clients and partners, 66% of French firms were not equipped with an electronic document management system (EDM) at the end of 20162 . While no precise figures are available for law firms, it is clear that a large number of structures are not yet equipped. These statistics obviously vary according to the type of structure: large firms are better equipped than smaller ones.
Moreover, lawyers are still attached to paper. Even today, some lawyers are still only using paper versions of legal texts and precedents, whereas their digital versions are updated almost daily, as well as personal hard drives to store their clients’ data. Finally, when it comes to sharing, the tools are often not adapted to their practice and host the data in the United States (Dropbox or Google Drive, for example).
Even beyond compliance with the GDPR, the stakes are enormous. In 2017, a security study conducted by IBM revealed that the average cost of a data breach would be $3.62 million3. In France, the total cost of data loss that occurred in 2014 alone is estimated at 30.9 billion euros4. Out of 24 countries ranked according to the maturity of their data protection strategy, France ranked 21st at the time.
Among the targeted causes, cybercrime ranks first. IBM reported that in 2016, two-thirds of the four billion records of stolen or lost data were due to cyber attacks. However, keep in mind that “human error” is the source of the majority of cyber-attacks and data loss (clicking on an infected link, sending documents to the wrong email address, etc).
84% of European organizations report that employees commonly use IT systems and solutions that are not authorized by internal rules5. Lost hardware (laptops or USB keys) or their failure are also causing many incidents. For example, in 2016, dropped devices accounted for 13% of data loss cases6. Law firms, as holders of their clients’ most sensitive data, must be particularly vigilant in training and mobilizing their employees and collaborators, who are often the most fallible link in the system.
In a 2014 survey, 34% of executives thought the cloud was a mobile app, 9% thought it was a brand, and 28% thought the data exchanged was transmitted via satellite7. This technology has long suffered from an unwarranted bad reputation: loss of control over files, lack of transparency, public access to data… Preconceived notions that are far removed from reality.
The concept of Cloud is simply to store data on a set of servers accessible via the Internet rather than on a local infrastructure (employee computers or servers located on the company’s premises). But is this Cloud accessible to anyone? Certainly not. Is there a risk that data will be lost in the event of a failure? This is much less likely than if you save it on your own hard drive. As for security, relying on technical resources in a data center hosting tens of thousands of customers allows you to share best practices in terms of digital defense, risk reduction and data backups at a lower cost.
There is a growing realization in the legal community of the challenges and benefits of cybersecurity. A 2018 survey of U.S. counsels and attorneys (known to have strict compliance procedures) found a growing use of the Cloud, not only for software-as-a-service (SaaS) solutions but also for data storage, e-discovery and transactional documents8. According to the study, it is only a matter of time before this technology becomes mainstream in the legal community, especially due to client demands, evolving technologies and regulations such as GDPR.
It is essential for all trusted third parties, such as lawyers and counsels, to take into account IT risks in their practices.
In addition, it is important to demystify the Cloud: an adequate Cloud solution is more secure and offers more guarantees of confidentiality than local data storage. Remember that many systems used daily by all (Gmail, Office 365, etc.) are cloud-based.
As a SaaS (Software as a Service) solution, legal transaction management software Closd is easy to use (no installation required), flexible and secure. It is also a reliable platform that allows you to digitize your legal operations, and that protects your sensitive data as well as your clients’ data.
1 My Cercle study, 01/20/2017
2 Baromètre de la Transformation Numérique de l’Entreprise, Canon, Edition 2016
3 2017 Ponemon Cost of Data Breach Study, IBM
4 Study conducted by Vanson Bourne on behalf of EMC Corporation, February 13, 2015
5 Toshiba, Make IT work, 09/28/2017
6 Data Loss Index compiled by Kroll Ontrack, 2016
7 IFOP / Aruba study – November 2014
8 E-discovery Unfiltered Survey, Ari Kaplan Advisors, 2018