Presentation is loading. Please wait.

Presentation is loading. Please wait.

©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Is Information Governance in the Cloud a Joke? How Safe Is Your Firm’s.

Published byPiers Mason Modified over 8 years ago

Similar presentations

Presentation on theme: "©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Is Information Governance in the Cloud a Joke? How Safe Is Your Firm’s."— Presentation transcript:

1 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Is Information Governance in the Cloud a Joke? How Safe Is Your Firm’s Cloud-Based Data? Moderator: Rafael Cantu, Cywest Regional Sales Director Presenter: Wes Withrow, TraceSecurity Governance, Risk and Compliance (GRC) Expert

2 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Agenda Today’s webinar will explore: – The role cloud computing plays in the legal sector – Where law firms are with cloud adoption and where the industry is headed – How your firm can leverage cloud- based solutions to support business operations – How to manage the transition to the cloud – securely and with minimal pain

3 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Legal Industry – Cloud Adoption TOOLSVENDORSEXECUTIONFINANCIAL Practice Management Case Management Time Tracking Document Assembly Contact Management Calendaring Time & Billing Developing features for cloud vs. on-prem Operations and support higher priority in cloud Hybrid approach of cloud and on- prem common Afraid to bury old data Pay-as-you-go, pay-as-you-use model changes purchase habits Avoid locking into additional services that you won’t adopt

4 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Adoption Challenges – Culture TOP-DOWN “I’m a managing partner, shareholder, founder – the data stays down the hall.” CULTURAL | INTERNAL ①IT team turf protection ②Office admin turf protection ROUND 1 CULTURAL | EXTERNAL ①Service provider turf protection ②Sales reps structure (On- prem vs. Cloud) ROUND 2 RANDOMNESS ①False sense of security w/on-prem ②Data breach, turn off services ROUND 3 UNILATERAL ACTION COALITION OF UNWILLING

5 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Cloud Transition Drivers Economic – “Practice Law” and “Billable Hours” – Cloud wins on cost 1 FTE /yr. = 10 cloud years Legal – Business-to-Business evaluation push – Third-party breaches (e.g. JPMorgan) Technology – Embedded with employees – Apps developed for collaboration Security – Data governance mandates – “Trunk slammers” weeded out

6 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Cloud Adoption Strategy “Our data is not in the cloud”

7 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Unplanned Adoption PRACTICE MANAGEMENT 3 FINANCES 2 DATA 1 1101010101010010 1010110101010101 1101010 1010100 “Ok, some cloud is legit.” “We’re not using this cloud.”

8 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Unplanned Adoption “Ok, our data is everywhere, let’s fix it by next week.” 5 firms unknowingly touched/had between 10-20 cloud apps with 30+ GB online data.

9 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Cloud Migration Path 1 APPROACH CAUTION 1)Not done overnight 2)Low entry cost, labor involved 3)OPEX  Monthly Recurring 4)Implementation Dip 5)Triggers improved security 2 PROJECT BASED 3 OPERATIONAL EXPENSES 4 TECHNICAL SUPPORT 5 SECURITY

10 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Cloud Migration Path 1 BREAK3 5 6789102 FILE SHARING Useful, secure RACK & STACK Cloud-based becomes requirement FILES & FOLDERS Sensitivity-based PRACTICE & CASE MANAGEMENT Work with vendor on implementation timeline. They build services into their model and are itching to help. EMAIL Internal Project Disruptive Scale Low Med High

11 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Security and Governance WHAT YOU NEED Risk Assessment Baseline Inventory Vendor “Audit” Prioritized Plan Immediate Results Asset Identification “Soft” Compliance Vulnerability Scan END RESULTS

12 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Legal Industry – “Soft Compliance” – Financial services client spent two years requesting security questionnaires – “soft compliance” – Conducted Risk Assessment, Vulnerability Scanning and Remediation Action Plan – Success measured by improved relationship with Risk Management Team – Biggest risks identified were weaknesses with the telephone system

13 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Three Key Takeaways 1 CLOUD ADOPTION 2 SECURITY 3 TRUSTED ADVISORS Industry Standard It’s in play in your environment right now. Security Posture Improves when done correctly. Implement Change Make sure the firm’s best interest is in mind.

14 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Questions? Rafael Cantu, Cywest Regional Sales Director rafael.cantu@cywest.com 949.544.1407 Wes Withrow, TraceSecurity GRC Expert wesw@tracesecurity.com 303.437.4256

15 ©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Thank You Rafael Cantu, Cywest Regional Sales Director rafael.cantu@cywest.com 949.544.1407 Wes Withrow, TraceSecurity GRC Expert wesw@tracesecurity.com 303.437.4256

Download ppt "©2014 TraceSecurity, Inc. All rights reserved worldwide. www.tracesecurity.com I Is Information Governance in the Cloud a Joke? How Safe Is Your Firm’s."

Similar presentations

Joey Yep Technical Marketing, Seagate CSS Creating a Competitive Advantage with Cloud.

Joey Yep Technical Marketing, Seagate CSS Creating a Competitive Advantage with Cloud.
California | Illinois | Michigan | North Carolina | Texas | Washington, D.C. www.dykema.com Exceptional service. Dykema delivers. 21 ST CENTURY LEGAL FEE.

California | Illinois | Michigan | North Carolina | Texas | Washington, D.C. Exceptional service. Dykema delivers. 21 ST CENTURY LEGAL FEE.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
VSCPA Northern Chapter Cloud Accounting Using QuickBooks Online With Not for Profits.

VSCPA Northern Chapter Cloud Accounting Using QuickBooks Online With Not for Profits.
Date: 03/05/2007 Vendor Management and Metrics. 2 A.T. Kearney X/mm.yyyy/00000 AT Kearney’s IT/Telecom Vendor Facts IT/Telecom service, software and equipment.

Date: 03/05/2007 Vendor Management and Metrics. 2 A.T. Kearney X/mm.yyyy/00000 AT Kearney’s IT/Telecom Vendor Facts IT/Telecom service, software and equipment.
© 2012 McGladrey LLP. All Rights Reserved.© 2014 McGladrey LLP. All Rights Reserved. © 2012 McGladrey LLP. All Rights Reserved. © 2013 McGladrey LLP. All.

© 2012 McGladrey LLP. All Rights Reserved.© 2014 McGladrey LLP. All Rights Reserved. © 2012 McGladrey LLP. All Rights Reserved. © 2013 McGladrey LLP. All.
Steps to Compliance: Risk Assessment PRESENTED BY.

Steps to Compliance: Risk Assessment PRESENTED BY.
Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.

Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.
Network security policy: best practices

Network security policy: best practices
Common Change Management Challenges for Companies Running Oracle Applications Presented by: Jeffrey T. Hare, CPA CISA CIA ERP Seminars.

Common Change Management Challenges for Companies Running Oracle Applications Presented by: Jeffrey T. Hare, CPA CISA CIA ERP Seminars.
1 Continuous Monitoring Proprietary Information of SecureInfo ® Corporation © 2011 All Rights Reserved.

1 Continuous Monitoring Proprietary Information of SecureInfo ® Corporation © 2011 All Rights Reserved.
Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.

Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.
Saxson Global Services Outsourced Professional Services BPO Business Process Outsourcing Your Global Sourcing Partners.

Saxson Global Services Outsourced Professional Services BPO Business Process Outsourcing Your Global Sourcing Partners.
Welcome to iDOC Corp. DocHost Solution Online Document Management DocHost 14 Day Free Trial www.iDocHost.com.

Welcome to iDOC Corp. DocHost Solution Online Document Management DocHost 14 Day Free Trial
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
The Cost of Cheap Understanding Your IT Investment Options.

The Cost of Cheap Understanding Your IT Investment Options.
+ Email-SIG Information Systems & Computing University of Pennsylvania June 27, 2013 1/13.

+ -SIG Information Systems & Computing University of Pennsylvania June 27, /13.
Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.

Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.
EEye Digital Security  1.866.339.3732   On the Frontline of the Threat Landscape: Simple configuration goes a long way.

EEye Digital Security    On the Frontline of the Threat Landscape: Simple configuration goes a long way.
Implementing and Auditing Ethics Programs

Implementing and Auditing Ethics Programs

Similar presentations

Ads by Google