I’ve been working in and through the “cloud” since before it was called the cloud. First and foremost, I learned how to credibly publish to the web. If we haven’t met – google “legaltypist”…
I set up my service based company, LegalTypist, Inc., to be able to securely work with any attorney who could dial a toll-free number; and I amassed others who were like me to do the day to day tasks and typing of the law firms I set up on “the System” <-original I know, but the more technical name makes people’s eyes glaze over!
I picked the tech of LegalTypist for very specific reasons – including the criteria I have for any cloud based service entrusted with my client’s data/information/files.
Here are the 7 Questions I ask, and you should too:
1. Where are your servers and my data located?
If the answer is not 100% in the US (or the country in which your practice is located), move along.
2. What kind of security measures are in place for my data?
From the physical servers to the connections to your accounts, all access points to your data should be secure. Every time you log in, you should see https (not http) at the beginning of the url. The “s” means that the connection between your device and the website is encrypted and secure. Other things to look for are display of certifications from companies like Thwate and Verisign <-which indicate that the site, and depending on the certification, the company, seriously “get” web-based security.
3. Are the servers geo-redundantly backed up to servers also located in the same country?
What is geo-redundancy? That’s when back up servers are outside the same power grid as the main servers in case of a wide-spread power outage. How could that affect you? Here’s how it adversely affected one cloud based player (who’s top brass had said “yes” to this question over pizza at LTNY months earlier, I might add): See How Far We’ve Come–The Importance of Redundancy in the Cloud
4. Who is on staff to fix the servers should they go down?
If the answer does not start with “We have x number of engineers on staff…” or “those servers are hosted in a remote location; where the only people who can physically access them have biometric permissions in place” … move along.
5. How do I retain local copies of my data?
If a cloud provider does not at least have in place a way to download your contact database into .csv format, that’s a huge warning. Keep in mind that all cloud services are programmed differently – and since cloud means the software too – there is generally no way to manipulate your data outside of that particular service provider’s paid monthly account. However, if you can get your data into .csv, you may be able to figure out a way (or pay someone) to populate it into a different program.
6. Can I work off line?
Is there a way to download a full, local copy of your data that you use until you get back on line and update the cloud data? The answer is probably not. Never hurts to find out for sure.
7. How long have you been in existence?
The longer the better. If you can get with sustained growth over time without huge investment in outside VC, that’s the best possible scenario. The last thing you want is to select a service, take the time to load all your data, then train everyone (including your staff and clients) on how to use it, only to have the company go belly up or not secure another round of funding.
Of course, the above list is not the ONLY things you should ask – however, the answers to these 7 questions should give you a good feel for how seriously the company takes your privacy and the duty of confidentiality you have to your clients.