Over the past few years, we’ve developed a national study to help us better understand the state of cybersecurity. This year, in response to the legal industry’s increased prioritization of comprehensive cybersecurity programs, we developed the 2021 Law Firm IT Scorecard, which was aimed to better understand how broader IT environments across the industry have evolved. In addition to cybersecurity, research assessed new demands on technology and IT-related capabilities and infrastructure.
The study included a survey of more than 200 IT decision makers, including CIOs and other executives, IT directors, information security managers, managing partners and legal advisors across small and medium-sized law firms (20-200 attorneys) located throughout the United States. The results underscored that proper implementation of technology at law firms is critical to success.
As we head into another year full of transformation and innovation, these are 3 key takeaways from this year’s report that can help firms optimize their IT strategies in 2021.
Only 30% of firms use legal-specific, cloud-enabled document management systems
Law firms should use robust, cloud-based document management and practice management systems, which are critical for lawyers to efficiently access case documents and other information. Over the last year, with the mass migration to remote-work, many legal professionals faced challenges accessing case-related documents from locations outside the office. Cloud-based document management systems make it easier to access documents from remote locations.
Further, it’s recommended that firms use legal-specific, cloud-based document management systems. Legal-specific document management systems provide built-in organization systems and offer key features most relevant to lawyers including limiting access to specific firm members, document versioning and audit logging. Legal documents require specialized management that complies with standards and regulations.
Many also offer add-on integrations with other software applications like Microsoft Office, email applications like Outlook and Gmail, and PDF editors such as Adobe Acrobat provide efficient ways to access and save documents. Less than one-third of firms reported using cloud-enabled systems, which means there is an opportunity for many firms to improve efficiencies and simplify technology integration.
Firms depend on cloud-based IT solutions for their communications
Across the legal industry, the shift to remote work due to COVID-19 forced complete cloud adoption and migration. Cloud-based solutions provide firms flexibility, predictable spend, increased agility, simplified user experience, and in many cases, significant cost savings. These solutions also typically provide better encryption and monitoring than law firms can provide for themselves.
Cloud-based solutions are becoming commonplace among small and medium-sized law firms, especially now as reliance on remote-capable technologies is on the rise. All firms surveyed reported using cloud-based email, while cloud-based server hosting is the top method of server hosting over physical data centers. Office365 and Gmail are the most used cloud-based email solutions; however, Office365 is recommended over Gmail because it integrates better with legal-specific software.
While most firms use VoIP phone services in lieu of traditional analog phones, many still host their VoIP solutions with onsite servers. It’s recommended that hosting is moved to the cloud to remove reliance on on-premise infrastructure, lower associated staffing costs, and provide more readily available remote communication options.
Very few firms hold trainings at the recommended monthly cadence
It’s estimated that each hour of effective training is worth five hours of work to a business. According to our research, most firms fail to provide effective trainings often enough. End user training, which trains members and staff on firm technology and cybersecurity threat awareness, is proven to significantly increase efficiency and security.
Most third-party client audits require law firms to have at least an annual end user cybersecurity awareness training program. We found that most firms conduct some kind of training, whether it be annual, quarterly or on as as-needed basis. However, the technology and threat landscapes change daily, making regular, ongoing trainings imperative. Disparagingly, only 5% of firms conduct monthly end user training, which is the recommended cadence.
People and processes are the foundation of mature IT programs. A firm’s technologies are of little use if trainings are lacking and staff is unaware of best practices and policy developments. To effectively execute training, plan the training sessions well in advance and make them mandatory for all firm members and staff. Depending on the size of your firm and variance of positions, consider holding multiple sessions and break them down by position or expertise. It may also be helpful for firm members to practice what they learn on real or sample work during the training session to apply and reinforce the new skills.
Technology can be the single biggest strategic enabler of law firm growth. If we’ve learned anything from the past year, it’s that no one can predict the future. Agile solutions and ongoing training will allow firms to continue to be well positioned for disruptions. To access the full report, including comprehensive key findings, analysis and recommendations, download the 2021 Law Firm IT Scorecard.
Gulam Zade is the CEO of LOGICFORCE, a legal technology consultancy that serves law firms across the country.
This article was originally published in Law.com’s Mid-Market Report on 2/15/21. Read the article here: https://www.law.com/mid-market-report/2021/02/15/recent-study-underscores-importance-of-cloud-based-solutions-it-cybersecurity-policies-and-continuous-training-at-law-firms/