The Power of Corporate Memory – Is the Legal Profession Ready?

I ran a panel session last week at the Legal Week Strategic Technology Forum on ‘Information Governance Best Practice’. I wanted to explore how concerned legal CIOs are about security threats and spear phishing in particular.

Mimecast’s Chief Strategy Officer, Matthew Ravden, ran a panel session last week at the Legal Week Strategic Technology Forum on ‘Information Governance Best Practice’ focusing on security threats and spear phishing in particular.

Mimecast’s Chief Strategy Officer, Matthew Ravden, ran a panel session last week at the Legal Week Strategic Technology Forum on ‘Information Governance Best Practice’ focusing on security threats and spear phishing in particular.

Also, how on top of compliance they are in terms of managing the huge amount of data they have and applying policies to it; and finally how predisposed they are to the idea of retaining more, rather than less, so they can apply business intelligence technology to deliver insights to the business.

On security, the reaction was unsurprising but also gratifying. No law firm wants to be the first to suffer a major breach, so there was a great deal of concern about the growing threat of spear phishing, as well as more mundane things like new strains of nasty viruses hovering at the gateway. But – and I have to declare that my panel consisted of three Mimecast customers – it was quite clear that these guys were happy to entrust the job of keeping out bad stuff, and bad people, to us. I talked about the fact that the Snowden/NSA saga seems to have created something of a cloud backlash, but most of the CIOs I spoke to here said that they felt sure that their data was safer in the cloud than it would be if they held it on-premise. This had a caveat – provided you choose the right cloud vendor. This was music to my ears, because we’ve heard a lot about companies insisting on holding encryption keys on-premise because they don’t want the cloud vendor to have theoretical access to it. And it’s ironic to hear this view touted as part of the post-Snowden paranoia, since Snowden created this furor by leaking documents from within.

On compliance, it’s quite clear that legal CIOs have their hands full getting a handle on the data management. And it’s not just data in digital form. Rooms full of files, CDs lying unencrypted in drawers. Lawyers who don’t want to listen to new ideas on good practice for managing data (and not leaving it on buses, or dictating loudly into machines whilst on trains). There’s a lot of cooperation going on between IT and risk and compliance teams, and that would seem to be a very good thing. But getting the information under control, perhaps into a single repository as opposed to multiple siloes, is a long and painful task.

By the time I got to the idea of ‘digital preservation’ vs. ‘defensible deletion’ it was pretty obvious that these firms, on the whole, have enough on their plates without entertaining ideas like ‘corporate memory’ and the suggestion that all data is useful, and it should be kept in perpetuity! Of course, it’s not that simple in the legal sector. Much of the data in the archive belongs to the law firm’s clients, rather than the law firm itself. So keeping it – and worse yet – analyzing it, could cause all sorts of complications.

They will get there, though. There was a presentation at the conference about the use of business intelligence tools to analyse data – albeit mostly financial data – to help the law firm get a handle on how much profit each lawyer is contributing to the business, and how well managed each case is from a commercial point of view. This may seem like baby steps, but if analysis of data in its early iteration can contribute directly to bottom line performance, then we’ll see more and more of it being deployed.

And I fully expect next year to be a different story altogether.


Make Legal & IT play nicely together!

One of my colleagues summed this up perfectly; he said you want to remove the V from “Legal Vs IT.”

There you have it, problem solved. Legal Vs and IT. But it’s not as easy as that is it?

I regularly receive fan mail from CIOs and IT Managers who are going head to head with their Legal departments, and sometimes Lawyers who are trying to get their point across to the IT department.

Those are the days I feel like a tech version of Dr Phil.

Lets take a step back and look at where the Legal and  IT departments interact. On a basic level they both provide services to each other; one becomes the customer of the other, and vice versa. (Apologies for the latin, I feel obliged to use a little for the lawyers who are reading. They, along with Doctors and people who finish The Times crossword keep that language alive.) But as you dig deeper into the line of business applications users require there is one that sticks out as being the sole domain of the Legal user. Litigation support and ediscovery applications.

The analyst firm Gartner tell us that ediscovery is one of the major drivers behind email archiving, it could well be ‘the’ driver for email archiving. For the IT department provisioning a usable and scalable ediscovery solution generally means large amounts of budget and certainly a truck load of disk space and processing power. For the Legal user it means having access to an effective discovery solution that allows them to perform from the Early Case Assessment (or Identification) phase right through to the Presentation phase.

Generally that’s where the problem lies.. Legal users demand access to data whilst the CIO tries to balance the cost effectiveness of storing data against the risk of deleting it. Yes disk is cheap but when you add up all of the paraphernalia required the shopping list becomes quite a challenge, and for the many companies not used to experiencing the  special joy and happiness that an ediscovery request brings, justifying the budget can be hard.

If I were Dr Phil I might say something like;

Learning to support each other isn’t something you can change overnight, this will be a long slow road, sometimes painful and sometime joyous. But learning to see the problem from the others perspective will make it much easier to solve.

Legal and IT departments are like step-children, they have only recently needed to get on and become friends. Historically they both work in their own little universes but today they each rely on the other to perform. So for one day or one week get them to swap toys, put the Legal users in ITs shoes and IT in the Legal team. Get them to really examine where the other is coming from and see how cooperative they become.

If they don’t drop me an email and I’ll see if I can line up Dr Phil.