Selecting vendors can be a frustrating and complicated process—but it doesn’t have to be. You’ve already got enough to think about while considering the differences in functionality across different products and vendors, and factoring in security is like going through the entire decision-making process all over again! With a few key considerations, though, you can vet vendors’ security protocols like a pro, leaving you to make a choice that fits your budget and performance needs with the peace of mind that comes with knowing that security is covered.
Ask the Vendor for References
For enterprises of any size, one of the most critical ways to vet a vendor is to ask for references of businesses similar to yours who also use their platform. If the vendor doesn’t have any, it might be a sign that they’re selling you a product that isn’t the best fit for your needs.
Set Your Non-Negotiables
Whether you’re part of a legal team for a major corporation or you’re a one-person operation, it is critical that you outline best practices and protocols that every vendor must meet. If it’s in the budget, consider bringing in a security consultant to help write requirements documentation. If it isn’t, gather data from similar businesses through references and networking to ensure that you have a comprehensive understanding of what your industry’s security requirements are. Not vetting a vendor can lead to personal liability if a security breach occurs. And not having a strict checklist can lead to human error—the cause of over 50% of all cybersecurity breaches!
Know Which Questions to Ask
It’s easy to get caught up in a vendor’s sales pitch, especially when you’re shopping for software designed to make your business life easier. That’s why it’s essential to have a list of security requirements and questions that you bring to every potential vendor. It may be the most useful billing tool in the world, but if it brings security risk to your company, it could cost you everything. Here are a few considerations to bring to everything from calendar apps to vital HR software services:
- Where is the data stored?
- What level of vetting do the company’s employees go through?
- Is data encrypted every step of the way?
- Are all systems (Flash, Java, operating systems, mail clients, firewalls, software solutions, etc.) being kept up to date with every security patch, every day?
- Does the vendor sub-contract any work at all?
- How is the company structured? Who is legally liable for security breaches?
- How does the vendor’s software integrate with your current suite of tools?
- Am I able to create customized fields for my contacts and matters within your software if the existing templates don’t consist of all the information I need?
- Does the vendor’s software allow me to customize the security roles for my firm without having to choose from predetermined options?
- Does the vendor’s software allow my clients and I to schedule, make, and receive automated payments?
- Will the vendor’s software alert me when clients receive and open the invoices I send them?
- Am I able to print checks directly from the vendor’s software?
- Am I able to create batch time entries using the vendor’s software in order to maximize my time?
- Does the vendor’s software have a chat function that allows me to communicate with colleagues within my law firm internally?
- Will the vendor’s software send me direct SMS text reminders for upcoming dates, deadlines, and meetings?
- Will the vendor’s software send me real-time notifications when changes are made to my contacts, matters, or calendar?
- Does the vendor’s software create an email out a daily agenda or checklist directly to me?
- Does the vendor’s software integrate directly with MailChimp?
- Does the vendor’s software allow me to directly sync my trust account to QuickBooks Online?
Chicago-ing Through FAQ’s
From March 7th to March 8th, PracticePanther attended the annual ABA TechShow in Chicago, Illinois. Every year, TechShow is an invaluable opportunity to connect with professionals all over the legal tech field. It is also a singular chance to engage directly with both potential and subscribed clients, fielding their questions and thus gauging consumers’ biggest concerns when shopping for and evaluating their practice management software. Here are a few of the most popular questions we received at the ABA TechShow this year:
-
Does your software track time? How?
- Will your software integrate with my calendaring system? How about my email?
- Is your subscription fee scaled, or will I be charged a flat fee?
- Will I be billed for your software annually or monthly?
- Will I be charged for data importing/support/training?
- Is your tech support unlimited, or will you charge past a certain number of chats and/or calls?
- Where is your office based?
- If your pricing changes, will future users added to my account be charged the new, higher prices?
- Does your software integrate with LawPay?
- Does your software allow me to customize security privileges within my firm>
Conclusion
While security can make or break your business, it is not the primary thing we think about when shopping for new software tools. A variety of your prospective software platforms’ features become essential when you’re considering which one to commit to; ultimately, it comes down to the platform’s ability to mold according to your and your firm’s needs. However, the software itself is not the sole determinant of whether or not you should adopt it within your firm; be sure to pay attention to the culture, ethical history, and general business philosophy of the company you’re about to invest a considerable amount of money (and your clients’ sensitive information) in. With a bit of preparation, you can ensure you protect your company and yourself and spend your time shopping for a product that adds functionality and maximizes productivity without adding risk.