Leveraging blockchain to decrease data breaches, increase security

Originally published in Thomson Reuters AnswersOn

By Joseph Raczynski

In the not-too-distant future, blockchain will get personal – very personal. That’s a good thing when it comes to integrity of your digital identity.

The Internet is a complex space for identity management.  Every site has a login and password, and those sites which have federated their login credentials have become massive targets for hackers.  In addition, the largest institutions charged with holding onto private information have become single points of failure; e.g. Equifax and the federal government’s Office of Personnel Management (OPM).  As the security breaches have grown in size, so too has the importance of finding a new solution to protecting of data in our always-connected world.

The solution will soon be in our hands

In the not-too-distant future, you will have a digital wallet containing hundreds or thousands of Decentralized Identifiers (DIDs).  DIDs are described as a new type of globally resolvable, cryptographically verifiable identifier registered on a distributed ledger.  These will be unique, encrypted, addresses that each of us holds in a mobile app to verify something about us; e.g. our age, height or even personal preferences.  They will be granted by a trusted source, but we will hold on to these privately and have complete control over them.  As the Sovrin Foundation explains, “The next evolution of the Internet will be the creation of a common identity layer that allows people, organizations and things to have their own self-sovereign identity—a digital identity they own and control, and which cannot be taken away from them.” This monumental shift enabled through the use of blockchain will change the paradigm of ownership of identity from the traditional large organization like Equifax into private hands.

Submitted photo courtesy of Department of Homeland Security

How will DIDs work?

I would expect that in the next five to 10 years, everyone in the United States will be issued a new national identification number to replace our current social security number.  As you can see in the above graphic, an agency such as the Department of Homeland Security (DHS) will issue this new number.  It will assure the person making the claim is who he or she says he or she is, and issue a DID with a private key (for their eyes only) and public key (for anyone to verify the ID) which the person holds in his or her digital wallet.  The DHS will also register proof of claim integrity on the permissioned blockchain (a vetted private blockchain).  Going forward when requested, the person can present his or her digital identification (public key) to the verifier (Border Patrol, an employer, IRS) who can then validate this claim’s integrity through the secured blockchain registry.  Most of these exchanges of information will use a QR code so the DID can be scanned with ease.  This new verification system will create significant efficiencies and will be much more secure.

Eventually, this will be expanded beyond government issued identifiers, though at MIT Sovrin, it was mentioned the IRS is looking at this solution now.  You will soon have DIDs for access to anything you normally use for login and passwords on websites, access to your house and starting your car.  Anything that requires a key or login now will leverage this new technology.  Self-sovereign identity flips the old model of control from central authorities, or single points of failure to individuals.

Blockchain, a Disruptive Force Now Impacting the Legal Industry

Originally published in LegalBusinessWorld

By Joseph Raczynski

Blockchain, a Disruptive Force Now Impacting the Legal Industry

Defining the technology and citing real world examples in Legal

Basics of Blockchain

We are at the precipice of transformative change in nearly every industry.  Blockchain or Distributed Ledger Technology (DLT) is the cornerstone of this rapidly evolving new era of efficiency and disruption impacting the legal industry.  Blockchain is generally defined as a distributed database or ledger.  This differs from the traditional record, in that a database is usually centralized, generally in one location or system.  With DLT, it evolves from a central database (a single store of information), to a database that is spread among multiple computers (sometimes thousands) saving a copy of the information.  Ultimately each computer will have a duplicate of the data.  It is encrypted, immutable (cannot be changed), driven by consensus (all computers have to agree), and is not owned by any single entity.

A natural question that arises.  Why would anyone want a database to be distributed?  The financial crisis of 2008 taught us many valuable lessons, one of which was that massive organizations who wielded all of the power (think a single database) can be a weak link for the broader system.  If that one entity should fail, the entire system likely will follow.  From these financial reverberations, Bitcoin was born, which has as its underlining technology, the original Blockchain.  The intent, distribute data over a massive network, for verification, authentication, and transparency without one person or organization having dominate control over the system or data.  At its heart these are ideological motives that clearly have anti-establishment roots.  However the technology it is starting to flourish at an exponential rate.

Real World Blockchain Examples

As you may gather there is certainly much hype around what can be done with this technology.  Below you will find several examples that I discussed recently with industry experts at Consensus 2017, a massive Blockchain conference in New York City.  Here I met with and examined several smaller startups and their quest to build out solutions with DLT which will impact the legal industry.

Government – Blockchain Powered Land Registry:  Thomson Reuters Tax and Accounting states that 70% of the world’s land is unregistered.  Ownership of land leads to significant empowerment and growth of wealth for individuals.  An organization called BenBen is endeavoring to help lock in property rights for citizens of Ghana, Africa using the Blockchain.

Problem: In this use case, land records are stored in a centralized database with no other benefits besides a paper registry. BenBen states, “It is virtually impossible to collateralize property rights in Ghana because other paper registry system is unenforceable in court.  Because of unenforceability, banks will not accept land as collateral.  This situation leaves millions without the possibility of leveraging their property to rely on the rule of law for protection – continuing the ongoing cycle of poverty for much of the population”.

Solution: BenBen is working with BigchainDB, a new Blockchain organization to create a “top-of-stack” land registry verification platform.  Essentially it is a new infrastructure built on a Blockchain and integrated with financial institutions to update current registries.  Essentially BigChainDB are “enabling smart contracts and distributing private keys for clients to allow an automated and trusted property transaction between all parties.”  So people would be able to verify that they own something in order to more easily obtain loans and build wealth.     

 

Intellectual Property – Music Ownership and Distribution:  Currently there are dozens of entities that get paid out on a single song that you may download from iTunes.  The labels, marketers, distributors, and finally the artists all get a cut of the proceeds.  The current payout model looks like a bowl of spaghetti with a myriad of entangled strings connected, each piece of the business seeking their $auce.

Problem: The control of the music in the traditional model is in the hands of the corporations and labels.  A fraction of the funds are eventually paid back to the artist.

Solution: Resonate, another Blockchain startup, is working on a solution to use this technology to bypass the corporations and labels.  As you listen to music, you can make micropayments to artists – directly to them.  Micropayments are cents or fractions of cents that are possible through the newer cryptocurrencies, which may be divisible by tiny fractions of a penny USD.  All of these transactions are stored on the distributed ledger, essentially cutting out all of the middlemen.  Baked into this are smart contracts which are encoded into the chain and automatically perform actions that normally humans would be oversee, i.e. the payouts.

 

Identity – Verified Identity Credentials: When a job is posted, how do you know that the person applying for the role graduated from the school they listed?  One area being explored is how to leverage the Blockchain to verify who someone is and what they are stating is true.

Problem: In the traditional Resume or CV people sometimes forge, alter, or falsify documents in order to buoy their chances.

Solution: Recruit Technologies has built a prototype resume authentication database for people looking for jobs and employers.  BigchainDB is working to leverage DLT to store applications and their documents.  Through the natural immutability, the files offer greater trust and auditability.  Built on this platform, a company could be better positioned and hold less liability.

 

With hundreds if not thousands of use cases forming that leverage Blockchain technology, the legal industry is perfectly positioned to adapt and assist in this space.  The three aforementioned use cases are directly connected to people and business; therefore have a direct play within legal.  While Blockchain may impact certain parts of how a law firm works, government agency interacts with people or a corporation works, there is little doubt that the early adopters will have a major head start compared to their counterparts by engaging in Blockchain.

Is Virtual Reality Finally Ready for Business Use?

Originally published on Practice Innovations

By Joseph Raczynski

“It’s like dreaming with your eyes open”VR Developer

We are rapidly entering a time where space – the distance between people – will have little relevance. Even at this moment, distance is verging on extraneous. A news story breaks in Tokyo and seconds later a goat herder on the Serengeti in Africa can view it on his mobile device. The speed of communication and information dissemination is bridging communication gaps that existed for eternity. The next evolution will allow people to interact with others unlike ever before. Virtual Reality (VR) is this emerging technology ushering us into this new realm. We will delve into VR momentarily, but first we need to understand its underpinnings of why now.

How did we get here?

We are experiencing an era of exponential growth in several key technological spheres. I call this the Trinity of Forces: processing speed, memory, and AI. The first force states that computer processing speeds are growing exponentially. Known as Moore’s Law, the concept is that computer chip speed doubles every 12-18 months. This is significant. Think of it this way, the $1,000 computer you purchased in 2001 had the processing power of a gnat’s brain. In 2010, that new $1,000 computer processed as fast as a mouse brain. In 2024 it will process as fast as the human brain. Roughly by 2040 that $1,000 computer you buy from Amazon.com will process as fast as the collective brains of all of humankind. This is exponential growth of processing power.

The second of the trinity is the exponential growth of memory. Cloud computing has become cheaper and more easily accessible than ever before. In fact, we are at a point where infinite memory will almost be free. Viewing the graphic you can gauge the direction we are headed. In 1956 a memory device the size of a closet had 5MB and cost $120,000. Fast forward to 2005 and 128 MB totaled $99, but then in 2014 we were able to jump to 128 GB priced at $99. This is exponential growth of memory.

The third force of the trinity is Artificial Intelligence (AI), that is, the creation of code-based algorithms which are adaptive and able to evolve rapidly (i.e. computers teaching themselves to learn).

When weaving these three elements together you have a platform for technology to thrive in an explosive fashion.

The Year of VR

VR is a slice of sci-fi we have been anticipating for decades. Incubating in a state of inertia, it has been waiting to leverage the Trinity of Forces to rise. Widely discussed, 2016 is the year of VR. Virtual Reality in all of its forms is reliant on technology becoming faster, smaller, and more adaptive, which is happening all around us right now and is pivotal to understanding the business evolution for VR.

The Nomenclature of VR

  • Virtual Reality (VR)—typically refers to computer technologies that use software to generate realistic images, sounds and other sensations that replicate a real environment1 using something over the eyes and ears to view and hear. No question VR is the term that gets bantered about most frequently, however there are two other terms that are integral.
  • Augmented Reality (AR)—essentially uses a device over your eyes and layers digital information on top of what you see in front of you. This could be text on top of what you are looking at (a text message that just came in) or notifications popping up on your viewing lens as you walk down the street—perhaps 30 percent off if you walk into Starbucks immediately.
  • Mixed Reality (MR)—is the newbie of the trifecta and some industry experts believe it has the most potential for adoption. MR is a newly minted phrase that mixes the best of VR and AR into one package. This medium places extremely realistic imagery over and around what you currently see with your eyes. The largest player in the VR space is Magic Leap, more on that in a moment.

Virtual Reality Emerging All Around Us

The aforementioned advancements in tech are leading us directly to the virtual door of VR for the enterprise. The investment in this space is moving forward faster than ever. In fact, according to Digi-Capital, who tracks this space, “almost $1.2 billion was invested in the first quarter of this year alone, with around $800 million going into Magic Leap. To put this in perspective, $1.2 billion dollars is 25x the level of AR/VR investment 2 years ago in Q2 2014.” 2 Initially, many of the dollars are being spent on building out platforms. In addition, the gaming sector is certainly ahead of the curve on investment. Microsoft built the HaloLens which is one of the best examples of Mixed Reality in the market. HaloLens helps with a mundane task where we all might find ourselves needing assistance. For example, a pipe under the kitchen sink is cracked and needs to be replaced. Donning the HaloLens, you open the cabinet door to see the ailing pipe next to your disposal. The HaloLens kicks in and layers graphics on top of the real pipe with arrows and directions for how to dismantle the pipes with the proper plumber’s wrench. The Lens helps you through each step, offering guidance on how to fix the broken pipe. This technology can be envisioned in a myriad of ways to help in the enterprise.

There are several companies that have received the largest investments in this space. Most notably is Oculus ($2 billion) who has partnered up with Facebook to introduce VR to the masses. There is little question Mark Zuckerberg predicts his company will be virtual reality based. Have you seen 360 degree pictures or videos on Facebook recently?

A little known company Magic Leap ($4.5 billion) is the best funded. This quiet startup based out of sandy Ft. Lauderdale is making major waves in the industry. Remaining under radar, they coined the term Mixed Reality (MR). Checkout the video which shows what their lenses could do in the near future: (VIDEO). Aside from these companies, other names of note include Blippar ($1.5 billion) and Mindmaze ($1 billion).3

The Reality of VR in the Enterprise—the Forming of an Experience

Google Smart Contact Lens

The enterprise is probably five years from adoption of VR or honestly, MR. One of the first uses will undoubtedly be connecting people from around the world in one location. Imagine your team of four people needing to meet to discuss a project, Donna in London, Isabelle in Jakarta, Atif in Pakistan, and Neal in South Africa. Currently you could conduct a conference call, WebEx, GoToMeeting, or the best option, a Cisco Telepresence meeting. Soon you will be able to connect to all four people using a set of spectacles. Choose your location for the meeting, the surface of the moon, Amazon rainforest, or sitting on a coral reef. Using glasses you can see each person, as if they were with you. Read their gestures, hear the intonations and feel tactile feedback with devices held in your hands while experiencing what it feels like to be in the Amazon.

Another impact on the enterprise will be the eventual disappearance of computer screens, monitors and even mobile phones as we use them now. Instead the lenses we wear will display all of the information for our eyes to read and interpret. Picture sitting at a desk with a large wall near you. Your lenses project multiple screens into your eyes which you interpret as on the walls, email, a video chat, your kids photos on one side, and perhaps a document you are writing. MR allows for people to interact with their tangible physical environment, adding a layer of realistic information on top. One day soon you will not be able to tell the difference between reality and VR/AR/MR with the advances in vision displays and tactile sensors. Google is another company in this space. It recently patented contact lenses with the ability to take pictures of the user’s field of vision.

The key to this evolution in for businesses is shrinking technology. Currently the stigma of wearing a large boxy contraption over the eyes is not palatable for work. That said, as we inch closer to VR, one of the reasons 2016 has become the year of VR is due to better screens on mobile devices (true HD video), which can be slid into a headset to interpret. Quite simply the headsets we see on the market now, like the Samsung Gear VR by Oculus, have two magnifying glasses an inch from your phone, powered by software that splits your screen into two related, but slightly different perspectives of what you are seeing. Combine that with the internal accelerometer and gyroscope that all phones have currently and the device knows when you are moving your head so that the screen can react to the motion. You feel like you are seeing something first hand.

Amazing times are ahead with VR/AR/MR. The enterprise will be forever altered by this form of information delivery. As an aside, I would encourage you to dip your toe into this space if you have not already done so. For $2.85 Google Cardboard is a device which allows you to turn your iPhone or Android into VR. There is truly no way to explain it better than experiencing the technology for yourself and, because it is so inexpensive, it is worth the effort. With this experience you can begin to see the transformative affect that VR will have on the enterprise.

Mixed Reality Video

Sources

1. “Virtual Reality,” Wikipedia, https://en.wikipedia.org/wiki/Virtual_reality

2. “AR/VR investment hits $1.7 billion in last 12 months,” Digi-Capital, April 2016, Click here

3. Ibid.

Images

1. Somack Holidays, http://www.somak.com/tanzania/arusha

2. Wikimedia Commons, Click here

3. PC World, Click here

4. Forbes, Click here

5. Joseph Raczynski – Magic Leap, https://www.youtube.com/watch?v=hPLKL_B1gGA

The Future: What Does Mixed Reality Look Like – Magic Leap

By Joseph Raczynski

I put this video together in November for a written piece that will be coming out in January.

This is an example of what Mixed Reality might look like while wearing a special set of glasses which sees everything around you but then projects imagery onto your physical space.  I have compiled several short videos from Magic Leap to illustrate their vision.

How prepared are law firms to face cyber security threats?

By Joseph Raczynski

The hacking of Panamanian law firm Mossack Fonseca last April resulted in 11.5 million leaked attorney-client privileged documents, exposing the widespread use of off-shore businesses by wealthy individuals and corporations around the world and highlighting the imperative need for proactive measures against corruption and other illicit financial activity.

But what it also revealed was just how vulnerable law firms can be to hackers and other cyber criminals.

Daniel GarrieDaniel Garrie is an arbitrator, forensic neutral and technical special master at JAMS, available in Los Angeles, New York and Seattle. He is executive managing partner of Law & Forensics LLC and head of the computer forensics and cybersecurity practice groups, with locations in the United States, India and Brazil. He is also a Partner at Zeichner Ellman & Krause LLP, where he heads their global cyber security practice, and an adjunct professor at Cardozo School of Law.

I recently spoke to Daniel Garrie, Global Head of eDiscovery, Forensics, and Cybersecurity Practices for Law & Forensics LLC, to get his insight into some of the cyber security issues facing law firms today:

Q. Daniel, why do hackers and other cyber criminals target law firms?

First, for information. All kinds of potentially valuable information: M&A information, IP information, real estate information, divorce information; information that can make people money or give them leverage. If you think about the law firms that just do mortgages, for example; getting a fully detailed mortgage package with social security numbers, bank account numbers, wiring information — that’s a pretty interesting piece of information.

Second, because in many cases, the law firm is the weakest link. Take the case of an M&A deal, for example. Why invest money and resources to hack the companies — which are more likely to have robust cyber security frameworks — when you can just hack the law firm, where cyber security resources are fewer and far more fragile?

Q. So law firms are not prepared to deal with these threats?

No, but not because they don’t want to be, but because of how law firms work as a partner profit-sharing entity. There has to be a reason to invest in measures to prevent them.

Q. And what are those reasons?

The consequences of unprotected and disclosed client data are two-fold. Not only do a law firm’s clients face potential reputational, financial, and legal risks when their private information is accessed and potentially distributed, the firm itself faces those same risks.

All law firms are competing for business and firms that don’t protect against cyber security threats run the risk of losing a substantial amount of business. Law firms are becoming acutely more aware of the fact that if they’re hacked, chances are, they’re no longer going to be a law firm.

Q. So what steps can law firms take to get prepared to deal with these threats?

First, focus on cyber hygiene. Do whatever it takes to put the right preventative measures in place in place:encryption, “least access necessary” policies, training and education for staff, etc. Second, find trusted partners.Do business only with those whom you can trust because if they are labeled as “hacked,” it could devastate your business, too.

Original post in AnswersOn

Thomson Reuters Innovation Lab at Communitech – Kitchener, Canada

By Joseph Raczynski

Visit to the Communitech Innovation Lab near Waterloo Canada to see the Thomson Reuters Innovation Lab. In addition, a group of customers and TR employees went through a Design Thinking Workshop. Other companies at the location include; Google, GM, TD Bank, Canon, Deloitte, Fairfax Financial, Manulife.  Special thanks to Brian Zubert for all of his hospitality and education during the day.

360 Video: Design Thinking Workshop – Thomson Reuters Innovation Lab at Communitech

By Joseph Raczynski

360 Degree Video of a Design Thinking Workshop at Communitech, Kitchener, Ontario, Canada. Led by Dave Inglis we start down the path of a Design Thinking Workshop with Alston & Bird. Shot with the #SamsungGear360.

*With 360 Video you can move the video around to whichever view you would like at any point. Please click and hold the video and move the screen around in any direction.

ILTACON 2016: When Will Blockchain and Smart Contracts Be Important in Legal?

By Joseph Raczynski

“Blockchain is Hot: More than $1.5 Billion has Been Invested in Blockchain in the Last 18 Months”

  • Tori Adams, Booz Allen Hamilton

 

NATIONAL HARBOR, Md. — If someone had told you in 1993 that the Web would be integral to your life today, would you have believed them? Well, the discussion around blockchain technology at ILTACON 2016 harkened back to that same scenario of the early ‘90s. This is a reboot, where another new technology will revolutionize the world.

Moderated by the esteemed Ron Friedmann, Partner at Fireman & Company, we were led down the path of what to expect with blockchain. Rohit Talwar, CEO of Fast Future Research, started us off with his futuristic vision on what we can expect over the next five years. Joe Dewey, Partner at Holland & Knight, who specializes in blockchain, discussed the law and smart contracts. Lastly, Tori Adams, a data scientist at Booz Allen Hamilton, illustrated her predictions on the reality of this technology in the near term.

Current Landscape

All major industries are looking toward blockchain — most pointedly, the financial sector. Talwar focused on one platform that is pushing this new space forward quickly — Ethereum — a pseudo-Bitcoin 2.0 that allows users to code on top of the blockchain. This can create huge advances in how the blockchain can interact with the world; utlizing smart contracts and digital identities, an even executing stock trades. In fact, Talwar stated that Goldman Sachs estimated a legal savings of $11 billion to $12 billion per year from streamlining clearing and settlement of cash and securities through such technology.

Near Future

The next significant phase developing now is the DAO (Decentralized Autonomous Organizations) which means that processes and companies are completely autonomous. This technology has the ability to disrupt a disrupter, e.g. Airbnb. Let’s say you visit a DAO-enabled travel site. The condo owner places an ad on the site to rent their place weekly. You choose their place in Miami, agree to the terms (date of check-in and -out, etc.) and agree to the fee and deposit (paid automatically). When you arrive at the condo to check-in, simply enter the password at the door through an Internet of Things (IoT) tech-enabled doorknob (check out Slock.it) and you gain access. That lock at the front door knows who you are and how much you paid, and it can also see your contract for the rental of the condo and knows when you are to be out. The DAO can do all of this with one employee running the entire operation.

Law Firms Start to Embrace Blockchain

Several law firms are starting to make a foray into this space. Recently Steptoe & Johnson began a multi-disciplinarian practice to help manage the blockchain for clients. They will also be accepting Bitcoin as payment. Most importantly, they co-founded the Blockchain Alliance6, a coalition of 25 blockchain companies and 25 regulatory and law enforcement agencies — including Interpol, Europol, the Securities and Exchange Commission (SEC) and the FBI — to educate enforcement agencies about digital currencies and blockchain technology. Other law firms including Holland & Knight see exponential growth of attorneys laboring in this discipline.

Smart Contracts

Holland & Knight’s Dewey said he believes the definition around smart contracts can be varied. For the purposes of this conversation, it is snippets of code that can change the ledger or a legal contract that is implemented on the blockchain. Of course, he outlined several benefits and challenges to this new innovation in the area of smart contracts:

Benefits:

  • Smart contracts are coded so there is less ambiguity than prose;
  • Verification can be achieved even within a trustless environment;
  • Self-executing; so once released, it is difficult to impede execution; and
  • Integrates well with IoT, artificial intelligence (AI) and machine learning.

Challenges:

  • Must balance transparency with privacy concerns;
  • Infrastructure needs to be updated;
  • Lack of experience with blockchain technology in IT departments;
  • Lack of education and understanding of the technology in other departments, including compliance;
  • Development of uniform standards and protocols; and (of course)
  • Need to overcoming custom and tradition (e., change is hard.)

So a real world example of how a smart contract was implemented can be seen in how Barclays did it with an interest rate swap prototype. Essentially, the investment bank set up an incubator of coders who worked with their legal department to understand how these swaps (trades) worked legally. They distilled three lines in the process that could be coded — (x) the amount of cash; (y) the interest rate; and (z) the currency. Once this information was garnered, the transaction could be solidified and then stored on a blockchain.

One of the most surprising revelations of the session came from Dewey when he stated: “Big news for attorneys, existing law — passed well before blockchain technology was contemplated —not only validates transactions, including the trading of credit interests accomplished through the use of the technology we are discussing, but as a matter of policy, strongly supports it.”

There is little question that this is an industry that will be growing rapidly over the next few years. Many firms are moving forward with practice areas and educating their attorneys on the technology to better position themselves for the coming wave.

Lastly, Dewey added some additional encouraging words surrounding the future of blockchain. In May, the State of Delaware — which is home to almost two-thirds of the Fortune 500 companies — announced a Blockchain Initiative so that corporate filings can be added to the ledger. “This is a clear sign that blockchain technology will have a significant impact on business,” he said.

ILTACON 2016 SESSION: NEW INTERNATIONAL STANDARD FOR CLOUD DUE DILIGENCE

By Joseph Raczynski

The cloud is becoming increasingly ubiquitous at law firms. In fact, a recent ABA Technology Survey stated that 46 percent of cloudless firms will be transitioning in the next 6-12 months. In the session on the “New International Standard for Cloud Due Diligence,” Gregg Brown, senior director Technical Strategy, Computer Standards at Microsoft, and Patrick Oot, partner at Shook, Hardy & Bacon, discussed the changes to the cloud over the last six years and what is coming down the road.

Small- and medium-sized firms have embraced the cloud, while the largest firms have been more reluctant, saddled with restraints placed by their clients – especially in the financial industry. That said, there now seems to be some loosening of the straps in that particular space.

Benefits of the cloud:

The duo argued multiple reasons for jumping to the cloud. First, firms can take advantage of the latest innovations, features and capabilities with updates released every month, compared to waiting years for internal upgrades to their current systems. In addition, the cloud offers greater agility – not having to retrain or rebuild as needs expand.

Oftentimes, clients require more capacity on short notice, which the cloud can easily accommodate. At a base level, the cloud is a fraction of the cost of on-premises solutions – though add-ons can sometime raise the price close to that of an in-house solution.

As more firms adopt BYOD (bring your own device), the cloud enables firms to meet workforce demands with a per-user license. But with BYOD comes another layer of security concern, which the cloud can more readily accommodate as most vendors will be up-to-date with regard to security patches.

As Brown also noted, another inherent benefit to cloud technology is access to analytics. With all of its data in the cloud, a firm can easily deploy search and analytics across all of its information/eDiscovery, compared to what one might have with an on-premises solution.

Risks in the cloud:

As firms move to the cloud, one of the most persistent risks associated with the technology is multitenancy, means that a software application may not work well as designed in the cloud with multiple users trying to gain simultaneous access to it.  And of course, with complexity tied to data transfer laws, particularly between the US and EU, firms should consider the challenges of data access and the courts, Oot noted.

New ISO Standard Impacting the cloud in 2016:

Brown also described that by the end of 2016, there will be a new “Cloud Service Level Agreement (SLA) Framework” – known as ISO/IEC 19086-1 – published, which will offer a set of considerations for cloud agreements. He noted this will be a boon for law firms as it will lay out a guidance standard verses the normal compliance standard. This should have a positive impact, although Brown cautioned that these guidance standards will raise key questions and require analysis and evaluation.

Reflecting on the session, Oot and Brown surmised that technology still has a few pessimists, but that the forecast is looking positive as more and more firms opt-in. With its waxing advantages and waning risks, it appears that greater cloud adoption is near.

As they concluded, Oot and Brown pointed out one last benefit of the cloud – terms of service from providers can now be negotiated, where previously this was not permitted.

Based on what they outlined, there is little question that fewer barriers remain to adopting the cloud.

Joseph Raczynski is manager, Technical Client Management, Thomson Reuters