<img alt="" src="https://secure.refl3alea.com/149779.png" style="display:none;">
LEGAL IT BLOG

Recommended Blogs

  • Cloud security basics for law firms and barrister's chambers

    The legal system, traditionally seen as a sector that is slow to adapt to change, has embraced technology and the ...

    Read More
  • The Role Of The Data protection officer

    The role of the data protection officer has come into much greater focus since the introduction of the GDPR.  

    Read More
  • Cyber safety rules for legal

    Given the highly sensitive nature of the data held on individuals and companies by legal firms, solicitors’ practices ...

    Read More
  • GDPR and the Cloud

    Solicitors’ practices and barristers’ chambers moving their information to the cloud have a choice, the most popular ...

    Read More
  • Best data privacy practices for the legal industry

    Data privacy has always been a critical area of importance for solicitors’ practices and barristers’ firms.  

    Read More
GDPR and the Cloud
BY Danny Killeen

Solicitors’ practices and barristers’ chambers moving their information to the cloud have a choice, the most popular two of which are the public cloud or the private cloud.

In the era of GDPR and in a time when cyber-criminality is growing so quickly that it’s turning into a world wide industry, what are the advantages and disadvantages of both types of platform?

 

The public cloud is computing and memory capacity available to every person and organisation subscribing to individual services like Office 365, Google Apps, Amazon Web Services, Dropbox, and more. Users receive the service for free or on a pay-per-use(r) basis.

 

The private cloud is a sectioned-off portion of the public cloud over which you have much greater control – think of it like an internal IT system but based away from your premises. Access is limited to your organisation and the people in it. The private cloud is protected by your firewall and the maintenance of it is controlled by your IT team, the data centre hosting it, or a combination of both.

 

GDPR & The Cloud I Sprout IT

 
Advantages and disadvantages of the public cloud

 

Public cloud services benefit from ongoing investment in both capacity (memory and processing) and security (firewalls). Investment in the provision of public cloud services is still in an “arms race” period as investor and corporate money is flooding into the sector with the main players looking to secure a competitive advantage.

 

Only your cloud provider and your IT team will know where in the cloud your data is situated making it much harder for potential bad actors to find. Public cloud services are built to withstand both hardware failures and sudden spikes in demand meaning that the speed with which you access information will be relatively unaffected by events outside your control at nearly all times.

 

However, you have no control over whether the data is encrypted on its travels to and from the public cloud and, if it is encrypted, over the level of encryption it enjoys. Your provider made change the terms and conditions of service at any time beyond your control and it may be difficult, if your public cloud services are outside the European Economic Area, to prove that your public cloud is a safe harbour.

 

Advantages and disadvantages of the private cloud

 

On a private cloud, your data and computing infrastructure is separate from the rest of the cloud and that separation gives you the ability to design your remote IT system to your firm’s exact needs and preferences.

 

Your private cloud is the computer network for your firm – it offers a virtual desktop user experience. A private cloud can also host database engine software like SQL Server in addition to many of the current legal software apps that your firm may already be using on your internal computer network.

 

Your firm owns the equipment on which your private cloud is hosted and your data is not at risk if your cloud service ceases to trade. You can collect (or instruct someone else) to collect the machinery.

 

Your IT team is charge of who accesses applications and files on your private cloud and they can make data security more robust by employing industry-standard firewall protection.

 

Which solution should legal sector firms choose when thinking about GDPR compliance?


The right solution for your firm will be the option, either offered by a public cloud or private cloud provider, which is closest to what you intend to use the cloud for.

 

At time of writing, there seems to be a sector-wide shift toward private cloud computing because of the ability to both run applications and retrieve files securely. Private clouds offer a much higher degree of controllability than the public cloud so the private cloud can be made to fit around a legal firm’s needs rather than a legal firm adapt its business processes around the public cloud’s limited functionality.

 

With reference to GDPR, this approach makes sense. Although the firewalls employed on the public cloud seem safe on the surface, ultimately the ability to protect your data is dependent on someone else’s judgment – your firm has no say on it. In addition, it’s much easier to stay compliant with safe harbour requirements using the private cloud and you’re also able to choose the level of encryption you require.

 

Bespoke advice

 

How much information does your legal firm store and how do you need to access it? Do you need a private cloud solution you choose to be able to run the generic and legal-sector-specific apps so that the ways partners and staff interact with IT stays as close to how it currently is? For every legal firm, there is a unique solutions. To discuss cloud solutions for your firm, please call us on 020 7036 8530 or email us.

 

 

 

sproutcloud cloud technology cloud solution GDPR private cloud