Cloud storage has become popular in legal circles for a reason - It provides small and solo firms with reliable software and security, and they don't have to support their own IT department. But as with most things in the law, a little caution goes a long way.
It's vital to conduct due diligence on any cloud vendor's security practices to ensure that it meets legal and ethical obligations about client confidentiality. In "FYI: Software as a Service for Lawyers," the ABA's Legal Technology Resource Center recommends asking these questions in particular:
- How does the vendor safeguard the privacy/confidentiality of stored data?
- How often is the user's data backed up?
- Does the vendor physically back up data at multiple data centers in different geographic locations to safeguard against disasters?
- What is the history of the vendor? How does it derive its funding? Is it financially stable?
- Can users access their data for offline use and/or backup? Can they retrieve their data after cancelling a subscription? And is the data supplied in a nonproprietary format compatible with other software?