The following Guest Post is from my friend and technology wizard, Tomasz Stasiuk:
There is a widening divide among lawyers: those who embrace cloud based services because of the advantages they provide (distributed off site storage, synchronization, and access) and those who are justifiably concerned about putting clients’ documents into someone else’s hands.
Using a cloud based service raises issues of security, control, and trust.
- How are the files protected?
- Where are they located and who has access?
- Do you trust the provider?
It may seem naive to talk about trust. "Trust NO ONE" some lawyers shout. However, even solo practitioners have to trust someone. If you do not own your office, you trust your landlord not to riffle through your documents. As a firm grows, trust becomes more important. You trust your staff to keep confidences. You trust their families not to look too closely at documents on desks. You trust your cleaning staff, copier technician, plumber, or your landlord’s HVAC servicer not to listen in on discussions, look over papers or take documents. You trust that someone will not walk in off the street during business hours and take a file.
Still don’t think trust is a big factor in your day-to-day operations in a law office? Do you use a service for storing closed files? You know the drill: you put the files into a cardboard box, cover it with a lid, then you give them to a man who takes them away. You have just given all your clients’ confidential records, medical information, and social security numbers to some guy in a jumpsuit, secured with nothing more than an ill-fitting cardboard lid.
You have just given up control of the files. You have given up security for the client information. You are relying on the trust you have put in the storage company and its employees and contractors not being misplaced.
The seldom discussed fact of law offices is that you rely on trust A LOT to maintain confidences. And the people you trust could more easily disclose client confidences than any cloud based service provider.
Let’s look at the other two big issues in using a cloud based service: security and control. Security is always a matter of asking, "as compared to what?" When looking at cloud based storage it is important to consider how it stacks up against other storage options.
PAPER BASED FILES
At one end of the spectrum are pure paper based files. These are inherently less secure since each page is often the sole repository of the information it contains. Paper based files often have no redundancy. Nobody "backs up" paper. The file is "THE" file. If any page is destroyed, the information on it is gone. One fire, one storm, one burglary and it all could be gone. Forever!
Oh, you may be able to recreate part of the file: you may be able to get pleadings from the court, medical records from the doctor. However, this is not a solution. Recreating a file takes a lot of leg work, and there is no guarantee that you will get everything you had before.
What about the security of paper? There is none. Zero. Zip. Paper itself has no security: you cannot encrypt paper. If you have access to the physical file, you have access to the information in the file.
I realize that most paper files are under some type of lock and key. The problem is that law offices are not banks. Even firms that have safes only store a tiny fraction of files in them. Everything else is kept in filing cabinets or on shelves. Accessing a file is as simple as kicking open a door or breaking a window. Most filing cabinet locks can be popped with a crowbar. Even a security system, at best, only limits the amount of time a burglar has in an office. The situation gets worse when files travel. Attorneys who bring their files to court risk having a file stolen out of a briefcase. The three-digit combination locks on catalog cases only provide a false sense of security when the lock can be pried with a screwdriver, or the entire case can simply be picked up and taken away. And who hasn’t heard an attorney say, "I left that file in my car." With the car becoming a second office for many attorneys, all it takes to access the files left there is a broken window or slim jim.
Even when you control the physical files, the amount of security you can provide is limited and the value of that security is questionable. Consider banks: one of the most secure private businesses that still allow public access. Despite vaults, cameras, security systems, and guards, even banks get robbed. However, it is only the physical money that is taken, not the 1s and 0s representing clients’ accounts. Even banks find that the best security is simply not having the money at the bank.
Let’s take a look at some of the other options for storing case files.
SELF HOSTED STORAGE
A more middle-of-the-road approach is keeping documents paperless but controlling the storage. A self hosted solution improves on a paper-based system since it allows duplication and encryption. You can have a server in the office and rotate hard drives between the office and home. You can even access data on, or back up to, a Pogoplug in your basement. This, at least, provides some off-site backup.
The problem is that the backup is not distributed. In the event of a region-wide disaster (for example, Hurricane Katrina) you could still lose both the main copy and the backup.
A self hosted storage solution is the data equivalent of keeping your money stuffed in your mattress. You control where the data is but are you the best person to protect it? Whether you keep the data on a server in an office or at home, or a combination of the two, the simple truth is that you are away from your data half the time.
Just as with paper files, all it takes to gain physical access to your hard drives or servers is a kicked-in door or broken window. Paper files, for all their shortcomings, may be safer as they take more effort to carry off than a hard drive or server.
A third option is to store your data at a "colo" (or co-location facility). You provide, buy, or rent a server in a data center, often with serious security (no one is going to break in, period) and serious services (redundant power, redundant data communications connections, and environmental controls) with a fast internet connection. You control the data and the hardware. Win-Win!
However, there are a few catches:
- A colo is more expensive than a cloud based solution and if you want back-up and secondary hard drives, those options increase the monthly costs.
- Data may not be distributed among different machines in different locations.
- You also have to administer your server remotely. Physical access is limited by the location of the data center, and its security. Want to go in on the weekend and work on it? Not gonna happen!
The big problem with using a colo is that you have put your server on a fat pipe. Putting your server on a fast internet connection is like painting a bulls-eye on it. Even if you have an IT guy or IT department, you should take a long hard look at whether you want to take on the security challenge: this is going from playing a pick-up game of baseball in the park on Sunday, to playing in the majors. You have to ask yourself: do you want to become a security professional and face off against 12-year-olds across the world with nothing but time on their hands? Psst… the answer should be, "no."
CLOUD BASED STORAGE
Finally, let’s look at the security offered in a cloud based storage solution. One of my favorite services is Dropbox. This is a server + cloud solution (also known as "offline cloud access"): your data is stored on your own computers or servers, and synchronized with servers in the cloud. In addition to providing storage, it also synchronizes your data among the various computers you control.
So, how secure is this service? Here is what Dropbox has to say:
- All transmission of file data and metadata occurs over an encrypted channel (SSL).
- All files stored on Dropbox servers are encrypted (AES-256) and are inaccessible without your account password.
- Dropbox website and client software have been hardened against attacks from hackers.
- Dropbox employees are not able to view any user’s files.
- All files stored online by Dropbox are encrypted and kept securely on Amazon’s Simple Storage Service (S3) in data centers located along the east coast of the United States.
You may have noticed that Dropbox uses Amazon’s S3 servers. So, in reality you are trusting two services. Sure, you buy everything from books to toilet paper from Amazon, but can you trust them with this data? Remember that Amazon only provides the storage. Dropbox encrypts the data before any files are stored on Amazon’s S3 servers.
The benefit of using Amazon’s S3 servers is the level of their data center security:
AWS [Amazon Web Services] data centers are housed in nondescript facilities, and critical facilities have extensive setback and military grade perimeter control berms as well as other natural boundary protection. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, state of the art intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication no fewer than three times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.
Amazon only provides data center access and information to employees who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services. All physical and electronic access to data centers by Amazon employees is logged and audited routinely.
Data stored in Amazon S3 … is redundantly stored in multiple physical locations as a normal part of those services and at no additional charge.
In short, cloud based storage provides:
- Encrypted communication (protecting against interception during transmission).
- Encrypted storage (protecting against data loss through theft).
- Distributed storage in multiple data centers (protecting against regional disasters).
- Redundant environmental and power controls (protecting against power and cooling failure).
- Physical security safeguards (protecting against unauthorized physical access).
I am personally a fan of cloud based storage. While I give up physical control of the media, I gain more security than I could provide on my own.
There are other issues concerning cloud based storage such as terms of service agreements and under what circumstances a provider would release files to law enforcement. Depending on your area of practice, this risk may be reason enough to rule out cloud based storage in your office.
Some of these problems can be resolved by pre-encrypting your data before using a cloud based service. In this scenario, the client system (your computer or server) encrypts the data before it is sent to the server (the cloud based service) so that the service has zero knowledge of the contents. "Sounds great! Sign me up!" you might say. However, client-based encryption brings its own set of problems.
Container based encryption (encrypting a large folder) via TrueCrypt or PGP defeats much of the instant synchronization benefit of a cloud based service, and increases the chance of conflicts during access. Since the entire container is in use, anytime two users attempt to access the same container, a conflict occurs. The result is either that the entire container is duplicated (which can be a problem when you are storing gigabytes of data) or that the second user is locked out until the first user has logged off and the local and server copies are synchronized. Note: synchronization is greatly slowed since the entire container must be checked for differences against the cloud based copy before the differences are uploaded. The near instant backup and synchronization slows to the point of becoming akin to putting a motor home on a scooter. If you need to pre-encrypt a container, you may want to forego instant synchronization and only consider online backup options such as JungleDisk.
The ideal solution is automated per-file encryption. However, operating systems are moving away from this option, and add-ins like EncFS are for techies who are unafraid to recompile a kernel. Some services, like SpiderOak, provide Dropbox-like functionality along with client-based, per-file encryption. However, reports are mixed about the success of the synchronization, which needs to be a given before trusting your data to such a service.
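To make the difference between container encryption and per-file encryption concrete, here is an added example (not code from this post, nor from Dropbox, SpiderOak or any other service named above): each file is sealed on the client with AES-256-GCM under a key that never leaves the client, and a sync client only has to upload the blobs whose bytes changed. Because every file is its own blob, editing one document touches one blob, whereas a TrueCrypt-style container would change as a whole. The key, file names and contents used in testing are constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// newGCM builds an AES-256-GCM AEAD from a 32-byte key held only on the client.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encryptFile seals one file before it is placed in the sync folder. A fresh
// random nonce is prepended to the blob; GCM also authenticates the blob, so a
// copy altered in transit or at rest fails to decrypt rather than yielding garbage.
func encryptFile(gcm cipher.AEAD, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// decryptFile reverses encryptFile; tampering or the wrong key yields an error.
func decryptFile(gcm cipher.AEAD, blob []byte) ([]byte, error) {
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short to hold a nonce")
	}
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], nil)
}

// changedBlobs reports which names have different ciphertext between two
// snapshots of the sync folder: exactly the set a sync client must re-upload.
func changedBlobs(before, after map[string][]byte) map[string]bool {
	changed := map[string]bool{}
	for name, blob := range after {
		if old, ok := before[name]; !ok || !bytes.Equal(old, blob) {
			changed[name] = true
		}
	}
	return changed
}
```

Unchanged files keep their existing blobs; only a file whose plaintext changed is re-sealed, which is what keeps synchronization incremental.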
I am optimistic that these issues will be resolved over time. On the whole, cloud based storage provides a higher degree of security than most practitioners could provide on their own and goes a long way toward providing distributed off-site backup. I am thrilled that my data is in the cloud. It provides peace of mind to know that whatever happens to one of my computers or my office, I can always get my data back.
About the author: Tomasz Stasiuk is a Social Security disability attorney in Colorado Springs, Colorado who writes and presents on technology issues. Tomasz also helps solo attorneys and small firms leverage low cost technology at Planet 10 Technologies.