Leveraging Leasing Can Alleviate Law Firm Security Pressures

The Law Firm Security Landscape

We know the consumer industry stories of hackers infiltrating Target and, more recently, Home Depot: 

“Here's the thing about breaking into a multi-billion-dollar company and stealing the credit card information of millions of customers: It's just not that hard.” From

Law firms are now at the center of the storm because they store some of their clients’ most sensitive business information and are viewed by criminals as a less defended path to that data. Firms must take care to understand and respond to evolving security trends and response strategies.

A growing number of clients are demanding that their law firms take more steps to guard against online intrusions that could compromise sensitive information as global concerns about hacker threats mount.

Some companies are asking law firms to stop putting files on portable thumb drives, emailing them to unsecured iPads®, or working on computers linked to a shared network. In some cases, banks and companies are threatening to withhold legal work from law firms that balk at the increased scrutiny or are requesting that firms add insurance coverage for data breaches to their malpractice policies.

The vulnerability of American law firms to online attacks is a particular concern to law enforcement agencies because the firms are a rich repository of corporate secrets, business strategies, and intellectual property. One concern is the potential for hackers to access information about potential corporate deals before they get announced. Law enforcement has long worried that law firms are not doing enough to guard against intrusions by hackers.

But behind the big headline stories, are people, the IT professionals themselves, working among what may be at times contradictory pressures. 

The inaugural 2014 Security Pressures Report from Trustwave, based on a survey of more than 800 IT professionals, reveals the security threats most concerning to these practitioners. One of the main areas of contradictory pressures faced by IT professionals is both the pressure to “do something” but without the resources, as evidenced in these statistics from the 2014 report:

  • 65% of IT pros are pressured to use security products with all of the latest features, despite 1 out of 3 not having the resources to do so effectively
  • More budget, more security skills/expertise, and more time to focus on security are the top three items on wish lists for IT pros in 2014 

It also uncovers the pressures these respondents have faced, are facing, and expect to face in regard to confronting these threats.

Here are some additional key findings from the 2014 Security Pressures Report:

  • 54% of IT pros felt more pressure to secure their organizations in 2013 compared to the previous year, and 58% expected even more pressure in 2014
  • Targeted malware was the threat IT pros felt the most pressure to protect against — with 64% noting increased pressure over the previous year
  • Customer data theft worries 58% of IT pros — more than reputation damage, fines, and legal action combined
  • External threats caused more pressure than internal security threats, but employee accidents caused more pressure than employee malfeasance
  • 50% of IT pros say their owners, boards of directors, and C-level executives are applying the most pressure, while 13% say it’s coming from themselves
  • Pressure from the top may not always have security in mind, with 4 out of 5 IT pros feeling pressured to roll out IT projects, despite concerns they were not security-ready
  • Advanced security threats, the adoption of emerging technologies, and security product complexity are the top three operational pressures IT pros face
  • Emerging technologies that IT pros are most pressured to use include the cloud and mobile applications, despite feeling they both pose the greatest security risks

Financial Strategies that Help

Here is the question on the minds of law firm IT departments, CFOs, and Executive Directors: how are we going to pay for the security technology that’s necessary today if it’s not in our firm’s budget “today”?

Advances in technology and software upgrades, especially in the data security arena, are being made with extreme rapidity. A firm that wants to protect itself and its clients with the most up-to-date versions of security technology and software available may not want or be in a position to purchase it outright. Leasing or financing provides the opportunity for an IT department to replace/upgrade equipment and software on the fly as upgrades are released, while at the same time work within a budgeted monthly payment. In addition, the soft costs associated with the software also can be leased, including training, implementation, and services with software upgrades and purchases. The decision cycle also can be shortened since the request for another large capital expenditure can be circumvented.

Leasing converts what might be a large cash outlay into a monthly expense that keeps your firm within budget. It also provides a predictable and efficient way for you to stay on top of upgrades and equipped with top-notch tools.

These days, a monthly expense is an easier solution for many law firm decision makers versus paying cash for the total cost. Many products are now being offered as a monthly subscription because the monthly payment—as opposed to a total cash purchase—is the most efficient way for a firm to stay within budget and have the flexibility to keep vital technology up to date. Leasing a firm’s hardware, software, and other soft costs is a solution that can strategically allow a firm to convert what might be a large purchase into an affordable monthly expense. Financially, this means that leasing beneficially conserves cash reserves, keeps bank lines of credit open for short-term use, and cuts the out-of-pocket costs for security upgrades while still enabling new projects in the budget. 

These combined financial strategies allow for flexibility and quick decision making which are distinct advantages when the security landscape is in constant flux.

Securing the Right Lessor

When choosing a leasing partner, it is important to find one who will work in your interest and not just exclusively in theirs. They also should understand the constraints of the legal industry. Leasing is not just a one-time transaction; it is a long-term relationship. It’s in your firm’s best interest to be highly selective. If the partner decides to bring a lessor into the relationship, here are some best practices we recommend:

  • Be highly selective and do your due diligence. Select a lessor with a depth of experience in the unique concerns facing the legal industry. Vet potential partners in peer groups such as ALA, ILTA, or any user groups such as Thomson Reuters Elite.
  • Seek lessors with excellent and highly responsive communication abilities, flexibility in solutions offered, and predictability and longevity of the management staff
  • Forge relationships with vendor-neutral, customer-focused lessors. Best practices dictate that you forge relationships with lessors that can deliver on your ever-changing requirements.
  • Look beyond the least rate factor. Of course the rates and credit acceptance offered by the lessor are important considerations. However, these are rarely the predominant factors in maintaining long-term partnerships. In fact, the primary selection criteria should be the service level and experience of their potential business partner, along with the strength and transparency of the master lease agreement. 

In Conclusion: Information Is the New Oil

As The Security Pressures Report illustrates, overall security-related pressures has been on the rise. Compared to 2012, 54% of IT pros felt more pressure to secure their organizations in 2013. Compared to 2013, 58% of respondents expected to experience more pressure to secure their organizations in 2014.

But also evidenced in the report is the gap between what your IT professionals know needs to happen and the financial resources that it requires. It’s being said now that “information is the new oil,” and the threat to that resource is only increasing – no law firm wants to be the next Target or Home Depot. Leasing is a financial strategy that can provide immediate, concrete results, while building in flexibility and quick decision making over the long term—a financial win-win for today’s market.

CoreTech Leasing

CoreTech Leasing is an independent technology and equipment lessor. Founded on over two decades of leasing expertise, CoreTech's executive team delivers over a century of experience in technology and equipment leasing and lease administration services to over 100 of the nation's most distinguished law firms. Click here for more information.

Return to Forefront main page »
Thomson Reuters Elite Headquarters
800 Corporate Pointe, Suite 150, Culver City, CA 90230
© 2015 Thomson Reuters
Thomson Reuters