This document summarizes the key factors to consider when evaluating on-premise versus cloud-based law practice management software. It discusses cost in terms of upfront, ongoing, and long-term expenses. Security is addressed, noting advantages of both on-premise control and cloud vendor expertise. Functionality such as implementation, customization, and mobile access is also compared. Connectivity depends on location and internet capabilities. Ethical obligations to protect client data apply regardless of the system chosen. The presentation aims to help firms decide which approach best fits their needs and capabilities.
4. About Our Presenter
Kevin F. Ryan, Esq.
Executive Director
Monroe County Bar Association
Rochester, NY
5. Outline
I. Cost -- upfront, monthly/periodic, long-term
II. Security, incl. mobile accessibility
III. Functionality -- implementation, customization,
portability
IV.Connectivity
V. Ethics
VI.Questions
12. Cloud
• Lower upfront investment
• Predictable costs over time
• No additional hardware investments
13. Long-Term Cost
Long-term costs of cloud might be greater
Key: How much attention are you willing to pay
(or pay for)?
Upgrade costs built into cloud-based products
14. The Frequent Upgrader
Do you typically upgrade with every new release?
• If so, cloud and on-premise similar in price
• Upgrade fees can add up quickly
• Cloud keeps you current
• Minimal or zero cost
15. The Hesitant Upgrader
Or do you wait to upgrade until you have to?
• Unwilling to pay for marginal improvements
• No longer supported or otherwise forced to
upgrade
• Here, long-term cost advantage to on-
premise
16. A Word About Servers
Servers have multiple uses in a law firm
A. As an application server (accounting system
on the server);
B. As a storage system (store your files);
C. As a domain controller (managing &
enforcing access restrictions, etc.)
17. Cloud as Server
• Excellent as application server (practice
management software, email, etc.)
• Good as storage server (particularly when
connected with onsite storage)
• Domain controller services??
18. Reading the Future
Currently, development focused on cloud-
based services, rather than on-premise
applications
• On-premise applications will see less
development and fewer new features
19. And so . . .
If this trend continues:
• Cost of on-premise applications will be
increasingly unpredictable
• Patches, upgrades, and ongoing support likely
to decline
• Increasing costs over time
20. Pitfall # 1
Don’t forget hidden and long-term
costs of sticking with on-premise
practice management software
22. On-Premise Security
• More control in the hands of the firm
• Is that good?
o Requires work & resources
• Monitoring access
• Updating server operating systems
• Updating software & dealing with bugs
• Adding patches
• Personnel costs and/or contract with outside IT
23. Security in the Cloud
• More secure
o Data security in hands of vendor
• Trained staff
• Large budgets
o Physical security: coded locks, security for all
personnel who have access to enter, video security,
alarm systems, etc.
24. Security and Hackers
Two types of hackers
○ Skilled computer programmer involved in
technology & programming subculture (“hacker
culture”) -- generally good
○ Someone who uses bugs or exploits to break into
security systems -- some good, some bad
25. Comparative Vulnerability
Cloud services bigger target for “bad” hackers
• BUT on-site always more vulnerable
o Despite today’s tools and good IT companies
• Cloud services can pay for more extensive &
up-to-date security
26. Security: A Final Word
Important to have a data-recovery plan even if
using cloud-based services
27. Pitfall # 2
Don’t be unrealistic about what
you can do to provide security for
your systems
28. Problem: Mobile Accessibility
Both a security & functionality concern
On-premise
• Need third-party client to communicate
between mobile device & on-premise software
o Another point for security breaches
o Making it all work together smoothly
29. Cloud Mobility
With the cloud . . .
• Easier to access from remote locations
o Allow lawyers & staff to work away from office
o Meet client expectations
o Two-edged sword
30. Remember . . .
Your security is only as good as the protocols you
have in place and willingness of the users to follow
those protocols.
31. Pitfall # 3
Don’t ignore the special security
issues raised by mobile devices --
and don’t exaggerate your ability
to handle it internally
34. Implementation
On-premise
• Disadvantages of piecemeal implementation
o Finding, sorting, choosing the options
o Coordinating implementation
Cloud
• Takes less time to implement
• All done at once
35. Cloudy Customization
Cloud less customizable -- but that’s good
• General (small & mid-size firms) vs. specific
needs (large firms)
• Greater stability & continual updates by vendor
-- often automatically
• Work with vendor to make desired changes
36. Customizing On-Premise
On-premise more easily customized, but . . .
• Implementation delayed while customization
occurs
• Revisiting customization when vendors
upgrade software
37. Portability
On-Site
• Not as functional for remote work
o Local network + (we hope) VPN connection
Cloud
• Anywhere there is a secure connection
o Often supplied by the vendor
38. Pitfall # 4
Don’t downplay the problems
associated with implementation,
customization, and portability of
on-premise systems
42. Whadya Got?
Bandwidth
Need fast (and likely more expensive)
broadband connection
• NOTE: programs with large files (CAD,
graphics, etc.) do not work as well in
cloud -- slow, even with large “pipe”
• Local can be quicker
43. Business Never Stops
With the cloud . . .
If Internet is down in office, can work from
elsewhere (home, etc.)
• Continuity of business (even in disasters)
• NOTE: increased security risk
44. Pitfall # 5
Don’t be unrealistic about your
Internet capabilities, but recognize
the advantages offered by cloud
systems
46. Confidentiality
Ethics require you to take reasonable steps to
protect client information
• NOTE: not a guarantee -- perfect security
not required
47. Can You Do It?
Can your firm handle attacks on your local server?
• Subject to same attacks as cloud-based
system
• Generally “No” for small to medium-size law
firm
48. In the Cloud
Probably better off relying on a company that has
a significant security department
Ethical obligation to assess security of cloud-
based company
49. Pitfall # 6
Never forget your obligation to
safeguard client information -- are
you confident you can do it
yourself?