eDiscovery Daily Blog

New Survey Shows Biggest Concerns of Legal Professionals Regarding Cloud and Shadow IT: eDiscovery Trends

A big topic during LegalTech New York (LTNY) last month were the issues and concerns associated with information governance (IG) as it applies to the use of “Shadow IT” applications, including those that are cloud-based.  A new survey, actually conducted during LTNY, was released earlier this week that sheds light on those concerns of legal technology professionals.

According to the survey conducted by Consilio and announced this week, the pervasive use of cloud-based applications in the workplace is creating challenges for companies to effectively manage the potential data security risks of Shadow IT.  A total of 148 responses were collected from law firms (54.73% of respondents), in-house legal departments (27.03%) and government-affiliated entities (18.24%) in attendance.  Here are some notable findings:

  • Biggest Perceived Risks of Cloud-Based Applications: When asked what they thought were the biggest risks of cloud-based applications, 64% of respondents cited inadvertent disclosure of sensitive data as the biggest risk of using cloud-based applications, followed by theft of intellectual property (39%), regulatory compliance failures (26%), inability to adequately identify relevant data for eDiscovery (25%), service outage (21%) and inadequate application of document retention (16%).
  • Concern about Potential Security: When asked how concerned they were with the potential security risk of cloud-based applications, 31.7% of respondents indicated that they were concerned, followed by very concerned (29.7%), moderately concerned (21.6%), slightly concerned (14.8%) and not at all concerned (2.0%).
  • Over Half of Respondents Usually Have Cloud-Based Data to Consider Collecting: 54.7% of respondents often or almost always use cloud-based applications to store company data affiliated with legal and investigatory matters on a regular basis.
  • Majority of Respondents See Cloud Migration as Important to IG: More than two-thirds (67%) of respondents regard the migration of company data to the cloud as important or very important to an organization’s information governance program.

It’s also worth noting that over a quarter (26.9%) of respondents reported that their organization rarely or never actively addresses security risks associated with Shadow IT, which is hardware or software used within an enterprise that is not supported or administrated by the organization’s IT department.  Almost half of legal technology professionals (45.2%) cited that their organization addresses these risks sometimes, while only a quarter (25.6%) committed to this process very often.

“The survey confirmed what we have already seen anecdotally for the last few years; many organizations are enabling Shadow IT to enter their daily business operations without enough concern about the risks of these platforms,” said John Loveland, managing director, Consilio. “If an organization is faced with litigation in the future, this cavalier approach can make eDiscovery exponentially more complicated and expensive, during a time when efficiency and accuracy are paramount.”

A copy of the infographic containing key findings from the survey can be found here.

So, what do you think?  How does your organization handle the use of “Shadow IT” applications?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.