Image Credit: The Matrix
Attorney Lee Rosen of the popular law blog Divorce Discourse wrote this thought-provoking piece on how trust between end users and cloud solution providers should be a two-way street in response to Clio Cloud Conference speaker Bob Ambrogi‘s statement that end users should do their due diligence when choosing a cloud computing provider. We couldn’t agree more; as a cloud-based SaaS company, trust, not data, is our currency. As cloud computing adoption continues its meteoric rise, the questions cropping up seem to be of the same nature: WHO has access to my data? HOW secure is my data, and WHAT is my data being used for? To that end, we’re posting today to clarify some of our policies in regards to data ownership and privacy practices, and give some visibility into how these concerns drive our development decisions.
To answer the first question: WHO has access to your data? Only you do. When you choose Clio, you maintain ownership over your data, and, without your explicit consent, we’re unable to access information you’ve stored on our servers. We have no visibility into your password or other account information, beyond your username, and no ‘back door’ exists for staff to gain access to your account. Your documents, Time Entries, Notes and any and all Matter and Client information are accessible only by registered users of your account. You’re able to access your data for download at any time, either via our data export portal, or through a Data Escrow service (such as Amazon). We’ll never hold your data hostage, nor will we use it as leverage to convince you to remain with Clio. We understand that choosing a practice management solution is a personal decision based on a variety of different factors, and while we try our best, we know we’re not for everyone. If you ever decide to leave Clio, we ensure you have a simple and convenient way to access all of your data, and assure you that all data will be deleted when your account is closed.
WHAT is your data being used for? As data becomes a viable secondary revenue stream for many cloud computing providers, there’s also a question of how your usage is being monitored and your data being sold. While we do aggregate usage statistics, personally identifying information is stripped out and the data is only ever used internally as a means for us to refine and improve our product; your information is never sold to a third party, nor will it ever be. Tracking usage allows us to determine which features to keep, which to change and which to drop entirely to optimize your user experience. Your information is only shared via third-party integrations (such as our document management options or billing integrations) with your explicit authorization. We respect your right to privacy and will continue to ensure that we value your trust and security above the almighty dollar.
HOW secure is your data? Extremely. As a cloud computing provider, we’re held to pretty rigorous standards both internally and externally when it comes to data. We use bank-level SSL encryption (the same kind used by your bank or ecommerce sites to secure your financial data) provided by Verisign. We’re stringently audited by both TRUSTe (the entity responsible for drafting the best practice privacy documents in the early days of the internet) and McAfee (against current and emerging security threats). When choosing a cloud-based practice management provider such as Clio, the onus is placed on us to ensure information security, and we make every effort to ensure that your data remains safe, both internally and externally.
The primary request from Mr. Rosen’s post was for financial data to be made available and we can certainly understand how in an age where startups are rolling out to massive fanfare only to quietly implode mere months later, this would be a necessity; attorneys should be looking for longevity and proven success when choosing a solution for their practice management needs. This recent post from our CEO and co-founder, Jack Newton, makes some excellent points addressing how financial disclosures, while helpful as a barometer, aren’t always the be-all-end-all for due diligence; rather, they’re a piece of a much larger puzzle, encompassing security and privacy policies, data ownership, ease of data migration and more.
We prefer to let our track record speak for us: we’ve recently announced an expansion to Ireland to spearhead our international efforts. We recruited a former VP of Salesforce (no stranger to cloud computing success) to drive our domestic and international sales and ensure we continue to achieve sustainable growth. We recently celebrated our fifth birthday (and in terms of cloud-based SaaS startups, 5 years positions us as the kindly grandfather on the block), and we hope to celebrate many, many more. While no one likes to talk about it, closures or acquisitions do happen. By using our Data Escrow service, you ensure that your data is always backed up and available.
Cloud computing, privacy and data ownership continue to remain at the forefront of IT consciousness as adoption grows, and this is tenfold for companies in the legal space. This isn’t the Matrix; when we look at you, we see people. Not data. Working together with you, our most valuable asset, we’ll continue to offer transparency and clear lines of communication to make sure all of your concerns are being met and that at the end of the day we can both feel confident in your decision to place your livelihood in our hands.