Monday, July 31, 2006

Ready to use sites

If it is easy to do with your law firm extranet solution (and if there are no incremental costs), consider building law firm extranet sites for all of your key law firm clients. By doing this, you can ensure that there is always a collaboration area ready to use at a moment's notice by any of your key internet clients (partners).

Doing this also helps reduce the perception or the belief that setting up additional law firm extranet environments is a costly and time consuming endeavor.

Saturday, July 29, 2006

Implementation Tip

I recently read an article that reminded me of an important tip. If at all possible, don't try to implement a new legal extranet system on a really complex case. What would be better, if it is possible, would be to select a simple case or moderately complicated case and try to use the features of the extranet (posting case info, documents, calendars, etc) for this type of case. This will provide a law firm with the opportunity to conduct training, modify/tweak the system as needed, etc.. , all in a less pressure-packed environment.

If you do this, then when it is time to really use the system on a critical and high priority case where everyone is under time pressure, the system should add value instead of adding headaches or issues to the discovery or litigation process.

Tuesday, July 11, 2006

Extranet - Security

When building an extranet system, there are several areas one needs to be cognizant of to be sure a client's data is properly protected. Some of the areas to think about are the following:
  • Be sure your data is encrypted as it flows over the internet.
  • Be sure clients have system accounts which assign them roles which provide them with system a) data access and b) feature access.
  • Be sure your system is in a secure data center.
  • Be sure you have an appropriate privacy and data confidentiality policy governing the protection of the data and when and under which circumstances data can and can not be provided to others (e.g. how one must respond to a subpoena, etc..).
  • Even through it is beyond your control from a technical perspective, be sure to encourage clients not to reveal their password to others (surprisingly, one of the most common security issues).

Of course there are other issues, but these are some of the key items to consider.

Tuesday, July 04, 2006

Legal Extranet Security Issues

When designing a legal extranet (also known as a law firm extranet), keep the following items in mind.
  1. The sites must be encrypted.
  2. Set up standard roles (administration, client, law firm attorney, law firm paralegal).
  3. Assign features and functions to roles (not individuals).
  4. Develop a strategy to control access to data (by user, by role, by workspace).
  5. Develop a strategy to control access to manipulate data (rights to add records, modify records, delete records).
  6. Be sure the physical servers and storage devices are properly secured within appropriate data center like environment (locked/keyed room, controlled environment, locked servers, etc, etc, etc). Note: There are several good sources of information available on the proper operation of data centers that this posting does not attempt to define.

There are other considerations one sometimes needs to take into account regarding law firm extranet security, but these are the key issues.