During this session, Minter Ellison, one of Australia's leading law firms, will share insights of the cultural and technical transformation their team experienced whilst building a highly secure client data platform on AWS. With topics ranging from legal contract negotiation, team skills enablement and the use of encryption and security best practices, this is a session that will provide insight on how Enterprises large and small can transform the delivery of IT and enable rapid business change using AWS.
Speakers:
Tom Bernadou, Managing Director, Data Solutions Group
Gary Adler, Chief Information Officer, Minter Ellison
Paul Harmat, Enterprise Architect, Minter Ellison
3. One of the Asia Pacific's leading law firms.
Operates with around 2000 staff in Australia, Hong Kong, mainland China, Mongolia, New
Zealand and the United Kingdom
4. $42 Bill Market Cap
50,000 Instances running in AWS
7 Billion Hours of Video per Quarter
$11 Billion Valuation
Migrated to AWS when only 12 staff
400 Terabytes of Data in AWS
Raised $1.5 Billion Funding round
Migrated to AWS in 2009
Serviced 25 million Guests Globally
5. ‘In the future the ability to
screen, analyse and interpret
unprecedented volumes of data
will become just as critical to law
firms’ success as the ‘art’ of
delivering legal advice is now’
Technology is changing Law
6. Agile
Platform
Data
Growth
Platform that must support the changing needs of the Industry and Firm.
Amazon Web Services provides this platform.
Recognition of the need to Transform
Need for immediate secure storage of client data for processing. This is
required on-demand with little notice.
Increase in Industry-wide volume of data
Business
Analytics
Access to a platform that will support current and emerging trends in the
Legal Industry, increasing speed whilst lowering processing costs.
Trends in Analytics, Big Data and Machine Learning
7. From Brainstorm to Build
How leading law firm, MinterEllison, built a highly secure
client data platform in AWS – Data Solutions Group
––
Gary Adler, Chief Information Officer
Paul Harmat, Enterprise Architect
––
April 2017
9. How to overcome barriers & obstacles
10
Step
3
Step
4
Step
5
Step
1
Step
2
WHY HOW EXECUTION WHAT’S NEXT
10. Cloud is ambiguous:
Define its meaning very specifically for your organisation
Remove the noise, focus on the ‘actual’ not the ‘anecdotal’
11
WHY HOW EXECUTION WHAT’S NEXT
Step
3
Step
4
Step
5
Step
1
Step
2
11. Step
2
Work out real
risks versus
perceived risks
Perceived
It’s unsecure
Clients may leave you
Performance, reliability issues
Its an alternative option
Real
Data sovereignty /
jurisdictional issues
Data retrieval
Security layer
Client engagement letters
Initial complexity
WHY HOW EXECUTION WHAT’S NEXT
Step
3
Step
4
Step
5
Step
1
12. Construct
mitigations
for real risks
13
Mitigation
1. Ensure contractually, private data is not
permitted to leave Australia
2. Understand process before committing
3. Data fully encrypted end-to-end & hold keys
4. Review approach with GC & Tech Lawyers
5. Use of expert integrators, actively upskill IT
staff
Risk
1. Data sovereignty /
jurisdictional issues
2. Data retrieval
3. Security layer
4. Engagement letters
5. Initial complexity
WHY HOW EXECUTION WHAT’S NEXT
Step
2
Step
4
Step
5
Step
1
Step
3
13. Step
4
Step
3
1. GC/CRO – risk, liability
2. Executive – clients/customers, revenue, strategy
impact
3. IT – major paradigm shift especially for
infrastructure team
4. The other 200 bosses – what does it all mean?
14
Work out key
stakeholders and
their individual
interests
WHY HOW EXECUTION WHAT’S NEXT
Step
2
Step
5
Step
1
14. 15
Start small
It is indeed a very complex space – don’t go it alone!
Find a safe and containerised first use case with both client and
business benefits (but keep an eye on the broader strategy to
avoid long term silos)
Patience, commitment and acceptance of failure along the way
WHY HOW EXECUTION WHAT’S NEXT
Step
3
Step
2
Step
4
Step
1
Step
5
Step
4
16. MinterEllison Client Data: Problem and Challenges
Challenges
On-premise infrastructure capacity
Expense to support peak compute and storage
Data back-up and protection requirements
Operational isolation of state-based eDiscovery teams
Risk, process and compliance
3rd parties, matter life cycle and archiving
Operational impact
Legality and security in terms of technology and client protection
WHY HOW EXECUTION WHAT’S NEXT
Problem statement
Continued growth
of client data in legal
dispute resolution
places increasing
pressure on the ability
for IT to support the
eDiscovery team
17. Overview of solution
Deployment of a secure and segregated AWS
infrastructure foundational layer
Elasticity of storage and compute to resolve on premise
constraints
Resiliency of backup and recovery of large amounts of
critical client data
Deployment of security layers to protect and mitigate risk
for the organisation
Citrix desktop and application virtualisation
Operationally close to data
Simplification of AWS complexity for end users through a
custom data transfer application
Deployed AWS Resources
WHY HOW EXECUTION WHAT’S NEXT
18. Integration with forensics suppliers and legal 3rd parties
SOLUTION
Execution through VPC peering, KMS
and S3 buckets for data sharing
Utilise AWS native infrastructure and benefits
across AWS accounts with 3rd parties
Encrypted and secured at rest and in transit
Time reduced from days to minutes leveraging
AWS’ high speed network
Remove the reliance on physical media
No data double-handling
Citrix ShareFile for ad-hoc sharing
Deepen relationships with 3rd party vendors in
our AWS cloud journey
WHY HOW EXECUTION WHAT’S NEXT
19. Dedicated AWS Data Transfer Application Part 1 of 2
WHY HOW EXECUTION WHAT’S NEXT
SOLUTION
A custom AWS Data Transfer
Application that empowers our
eDiscovery teams
Enables end users to operate AWS CLI
commands through a GUI to share data
Operational unification of MinterEllison state-
based eDiscovery teams
Encapsulates the encryption/decryption
of client data to 3rd party vendors
Leverages the high capacity AWS network
Alleviates eDiscovery team’s administrative
overhead in management of data
20. Dedicated AWS Data Transfer Application Part 2 of 2
WHY HOW EXECUTION WHAT’S NEXT
SOLUTION
The custom AWS Data Transfer
Application under the hood
Web Application deployed on an
EC2 CentOS 7 instance
Utilisation of python (boto3) API calls
to S3Transfer.Upload and
S3Transfer.Download
Application interfacing across AWS EC2,
S3, SES, KMS and DynamoDB
21. Security in the Public Cloud
WHY HOW EXECUTION WHAT’S NEXT
SOLUTION
Blending AWS Security best practices
with MinterEllison’s requirements and
security policies
Security through an AWS
infrastructure foundation
A security design that is scalable,
auditable and has levels of redundancy
Network Security
Auditing
Roles
23. The Journey Ahead
24
Strap yourself in for a long ride – 3 year transition
Internal
Test and development
environments
On prem to SaaS
Exchange, enterprise
collaboration tools
On prem to IaaS
Enterprise content
management systems,
Practice management systems
WHY HOW EXECUTION WHAT’S NEXT