Cloud storage has become popular in legal circles for a reason - It provides small and solo firms with reliable software and security, and they don't have to support their own IT department. But as with most things in the law, a little caution goes a long way.

It's vital to conduct due diligence on any cloud vendor's security practices to ensure that it meets legal and ethical obligations about client confidentiality. In "FYI: Software as a Service for Lawyers," the ABA's Legal Technology Resource Center recommends asking these questions in particular:

- How does the vendor safeguard the privacy/confidentiality of stored data?

- How often is the user's data backed up?

- Does the vendor physically back up data at multiple data centers in different geographic locations to safeguard against disasters?

- What is the history of the vendor? How does it derive its funding? Is it financially stable?

- Can users access their data for offline use and/or backup? Can they retrieve their data after cancelling a subscription? And is the data supplied in a nonproprietary format compatible with other software?