Download as PDF, PPTX
Uploaded byAntigone Peyton
Taking Your Practice Into the Cloud (2011)
The document presents an overview of cloud computing tailored for lawyers, detailing its essential characteristics, service models, and deployment options. It emphasizes the importance of data security and confidentiality, as well as the ethical implications and legal compliance associated with using cloud services. Key considerations such as reliability, implementation strategies, and contractual obligations with cloud providers are also discussed.
More Related Content
Similar to Taking Your Practice Into the Cloud (2011)
Taking Your Practice Into the Cloud (2011)
- 1. April 11-13, 2011 www.techshow.com Taking Your Practice Session Title Into the Cloud Presenters Presenters Antigone{Name} Peyton John Simek {Name} PRESENTED BY THE April 11-13, 2011 www.techshow.com
- 2. Lawyers in theCloud: A Brave New World © Copyright, Museum of Science, Boston, reprinted with permission. April 11-13, 2011 www.techshow.com
- 3. Cloud Computing 101 for Lawyers • Cloud Computing-NIST Definition (Jan. 2011) – A computing model for enabling convenient, on-demand network access to a shared pool of computing resources (e.g., networks, servers, storage, applications, and services) – Resources can be consumed w/ minimal management effort or service provider interaction April 11-13, 2011 www.techshow.com
- 4. Cloud Computing 101 for Lawyers • Cloud Computing-NIST Definition (Jan. 2011) – This cloud model is composed of five essential characteristics, three service models, and four deployment models • NIST Definition of Cloud Computing (Draft), Peter Mell and Tim Grance, available at http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800- 145_cloud-definition.pdf April 11-13, 2011 www.techshow.com
- 5. So What DoesThis Mean? • You pay for what you use (economic model) – Per user/per month – Amount of space or computing power used in a given unit – Number of uploads/downloads • Someone else takes care of the IT hardware and software • Outsourcing computing infrastructure April 11-13, 2011 www.techshow.com
- 6. 5 Essential Characteristics •On demand self- service • Broad network access • Resource sharing with others (multi-tenancy) • Rapid elasticity • Measured service April 11-13, 2011 www.techshow.com
- 7. Service Models • SaaS-“Software-as-a-Service” – Common service model for lawyers – Interact with the software that you bought the rights to use to consume computing power – Clio, Rocket Matter, NetDocuments, Google Apps April 11-13, 2011 www.techshow.com
- 8. Deployment Models • Private-Iwant my own data island that you or I manage • Community-I will share with others of like needs and interests • Public-I will share the servers, applications, and computing resources with others • Hybrid-A little bit of both choices April 11-13, 2011 www.techshow.com
- 9. Reliability • Network Technology •DNS • Redundancy-data in more than one location • Elasticity-reacts to ebb and flow of data usage • Risk assessment-cyberthreats and Internet infrastructure attacks April 11-13, 2011 www.techshow.com
- 10. Reliability • Cyberattacks onthe rise – Symantec annual threat review found # of Web attacks rose 93% in 2010 – Expected increase in attacks on social networks – Shift to mobile devices April 11-13, 2011 www.techshow.com
- 11. Internet Access • Centralizedstorage and accessibility over the Internet gives rise to good accessibility • Good mobility • Platform indifferent- Windows/Mac/Linux • iPad/Netbooks • Smartphones April 11-13, 2011 www.techshow.com
- 12. Client Access • Internet • Dedicated circuit • Browser • Client app – 2 Factor April 11-13, 2011 www.techshow.com
- 13. Confidentiality • Systems builtwith access security measures • Data structure protects different users data from intermingling • Reasonable measures to protect information • Similar considerations to third party vendor situations April 11-13, 2011 www.techshow.com
- 14. Data Security • Encryptionon servers • Enterprise style user security • Lack of local storage can protect data (reduced risk of lost laptop problem if local data not encrypted) April 11-13, 2011 www.techshow.com
- 15. Data Security • Securitycertifications and approved security protocols • Physical security • Technical/virtual security • Beware of compromised security certificates (e.g., Comodo SSL certificates compromised) April 11-13, 2011 www.techshow.com
- 16. The Ethics ofCloud Computing • More detail on this in later panel discussions-hot topic! • Bottom line of opinions: – Understand the technology & how it works – Take reasonable steps to protect the information • At this point, not per se violation of ethics rules to put client data in the cloud April 11-13, 2011 www.techshow.com
- 17. Data Privacy • Encryption •Export restrictions • Processing restrictions • Who can look under the hood? • Patchwork of federal & state laws April 11-13, 2011 www.techshow.com
- 18. Cross-Border Considerations • EU Directives and member state implementation and enforcement mechanisms • Canadian federal laws (PIPEDA, Privacy Act) and province-specific restrictions and protections • Export control • Always consider server locations & application of local laws April 11-13, 2011 www.techshow.com
- 19. Implementation • Private vs.public cloud • Outsourced private cloud – Federal Government – City of LA “Gov Cloud” • Hybrid cloud April 11-13, 2011 www.techshow.com
- 20. Other Considerations • Financialstability of cloud provider • Bankruptcy backup plan? • Data ownership/possession/control are divided between the firm and the provider(s) • FRE 34-”Control” read broadly by most circuit courts April 11-13, 2011 www.techshow.com
- 21. Other Considerations • Databackup – Local or remote & encrypted • Backup includes a fully functional alternative if the primary provider encounters issues? • Who are you contracting with? • What are the contractual duties regarding data access, transfer, guaranteed minimum downtime April 11-13, 2011 www.techshow.com
- 22. Read The Contract! •The contract (TOS, SLA, Privacy Policy) governs the parties rights and obligations • Is it updated regularly and applied nunc pro tunc to existing customers • What are the cloud provider’s obligations? April 11-13, 2011 www.techshow.com
- 23. Read The Contract! •A real cloud contract (TOS) • (1) The Service is provided on an “as is”, “as available” basis and CoX expressly disclaims all warranties, including the warranties of merchantability and fitness for a particular purpose. (2) CoX and its …. affiliates does not warrant that: (a) the Service will meet any specific requirements; (b) the Service will be uninterrupted, timely, secure, or error- free; (c) the results that may be obtained from the use of the Service will be accurate or reliable; (d) the quality of any products, services, information, or other material purchased or obtained through the Service will meet any expectations; and (e) any errors in the Service will be corrected. April 11-13, 2011 www.techshow.com
- 24. Upgrades • Ability to control? • Cost • Latest version(s) integrated • Customization options vs. provider driven software changes April 11-13, 2011 www.techshow.com
- 25. Exit Strategy • Dataexport options – Quicken Online • File formats • Data conversion or re-creation of native environment April 11-13, 2011 www.techshow.com
- 26. Information Governance / Records Management • Migration of data into/out of the cloud • Identification and application of data retention requirements • Impose company retention/destruction needs on providers April 11-13, 2011 www.techshow.com
- 27. E-Discovery & Legal Compliance • Subpoenas • Government investigations • Ability to provide discovery of particular custodians’ data? – No such thing? • What if you are a non-party? April 11-13, 2011 www.techshow.com
- 28. E-Discovery & Legal Compliance • Specific bar association opinions on duties (e.g., Arizona opinion) • HIPAA • Data breach notification – Who is required to notify? – Who do they notify? April 11-13, 2011 www.techshow.com
- 29. Save the Date ABATECHSHOW 2012 March 29-31, 2012 Hilton Chicago April 11-13, 2011 www.techshow.com