Episode Notes

Zack talks with ShareFile’s Laura Kaminski about the challenges of document management in law firms. Listen and learn how cloud-based technologies can provide more secure and user-friendly solutions for attorneys and their clients. 

Links from the episode:

Check out ShareFile for Legal 

Five Challenges Shaping the New Legal Paradigm  

Streamline your document-related workflows with ShareFile for Legal 

If today's podcast resonates with you and you haven't read The Small Firm Roadmap Revisited yet, get the first chapter right now for free! Looking for help beyond the book? Check out our coaching community to see if it's right for you.

  • 01:39. Benefits of online collaboration
  • 09:29. The benefit of having ShareFile
  • 13:32. Security in the cloud



Welcome to The Lawyerist Podcast, a series of discussions with entrepreneurs and innovators about building a successful law practice in today’s challenging and constantly changing legal market. Lawyerist supports attorneys, building client-centered, and future-oriented small law firms through community, content, and coaching both online and through the Lawyerist Lab. And now from the team that brought you The Small Firm Roadmap and your podcast hosts 

 Zack Glaser (00:35): 

Hey, it’s Zack, and this is episode 481 of the Lawyerist Podcast. Today we have a sponsored episode on online collaboration with clients, and I’m joined by Laura Kaminski of ShareFile. Laura, thanks for coming to the show. 


Laura Kaminski (00:47): 

Hi, I’m Laura Kaminski, principal product marketing manager at ShareFile, and I’m here today to talk you about our document management workflows and security here at ShareFile. 


Zack Glaser (00:57): 

We say exciting things, and the first thing that popped into my mind is how exciting is document sharing and online collaboration. But really this is kind of a cool time to be in online collaboration, document sharing and all of that because more and more people are going into the cloud. I think we’re kind of getting past the security issues with should I be in the cloud? And instead of asking that question, lawyers are really, really starting to ask who should I be in the cloud with? What are my benefits and how should I be using it? So let’s start there. What are the benefits of online collaboration and I guess document sharing tools? 


Laura Kaminski (01:39): 

The biggest benefit that we see a lot of our firms taking advantage of is really thinking about the client experience. So when you come about from a client experience focus, a lot of times we’re thinking about what can we do to make our lives faster as lawyers, but really it should be about what can we do to make our clients’ lives easier? We want to make their experience seamless and possible. When you think about everything from their end, yes, you’re trying to get through your job and get through all the paperwork, but from their end, they’re stressed out, they don’t know what’s going on behind the scenes, they just want more answers to things. So think about really what can you do to make their experience more seamless and more realistic to what they’re experiencing with other consumer tools in their lives. 


Zack Glaser (02:20): 

Oh yeah, yeah. More realistic to other consumer tools. Absolutely, because first thing, we as lawyers don’t generally catch people on their best day. The days that I was in court meeting with people, that wasn’t usually what they wanted to do with their day, and even if they’re doing something with their business or something like that, it’s not usually what they want to do. So making the collaboration, making the experience client centered is imperative. So I think that leads me to when I was practicing, I would just kind of create a file in Microsoft’s file stuff and I would just share that file, which how is that changing? How is this idea of sharing documents and information with our clients kind of adjusting now that people are getting a little bit more used to the cloud? 


Laura Kaminski (03:13): 

I would say the most basic thing is just automating those routine things of saving that file, saving that file back to the folder, being able to sign a document and it automatically saves back to your client folder, not have to think twice. That client just knows where to go. Being able to have those workflows for those routine things. Let’s say you’re always collecting the same 10 documents from a client and they’ve sent you eight, what were those eight? And maybe the seventh one was even the wrong one. Having that automated definitely saves time and again, gives that peace of mind back to that client of, oh, here’s my checklist and it’s all automated and I needed this by Friday, and instead of me getting on the phone calling them, the technology can send me a reminder, I don’t have to track down when this is due, if it’s for a certain deadline, taking that pressure off of you so you can do other things that are maybe more value add to the client. 


Zack Glaser (04:06): 

Okay. So that sounds a little bit more like a client portal as opposed to just a link that I share with the client, the client looks, and kind of a OneNote link or a Dropbox link that just says here where the files are supposed to go when you put ’em in here, how does that look from the share file standpoint of being a client portal? 


Laura Kaminski (04:28): 

So what we’ve taken is this concept of a client portal and definitely expanded upon those capabilities. One thing we’ve seen is yes, a client wants one location to have those contracts that they signed, but when you think about going one step forward of the whole entire process of, again, I have certain documents I need to collect, so something such as incorporating tasks into that assignment from the lawyer perspective, having the ability to have a document request list, for example, say I need these documents by Friday so that my peers know where I am in this process. I can keep track of this. And then also on the client side, they able to see that progression of when do I need to give things by? I need to upload these things and I am able to have access in this one central location. 


Zack Glaser (05:13): 

So really beyond document management is what we’re talking about here. We’re talking about, I don’t want to say relationship management, but a little bit of task management, a lot of document management, and being able to comment outside of the document instead of just living right inside of that word file and just having comments back and forth. You’d be able to make comments or ask people to do things related to the whole set of documents themselves? 


Laura Kaminski (05:43): 

Correct. Within the Share ShareFile interface, one thing that’s really exciting is to be able to see both a client viewpoint and also the employee viewpoint. So from the employee side, we have this new feature where you’re able to actually make comments and collaborate with your client right in the portal. So this really keeps it all streamlined in one central location. Yes, it’s a great experience for that client to have everything on the one side, but also for you as an employee, having everything secure within one portal so that communication of sensitive information is all within one location. So things are not lost through email, things are not written down in a piece of paper. So that unified access is all in one location. 


Zack Glaser (06:24): 

Well, yeah. So let’s talk about the kind of security of that. I think to me that’s one of the biggest benefits of a tool like this is getting past that unencrypted email, or even worse, the unencrypted text message evidence that’s being sent to my personal phone. What are the security implications here? What are we trying to get past? And then also how is a tool like ShareFile addressing those? 


Laura Kaminski (06:52): 

So what we’ve seen is that employees often move really quickly to meet tight deadlines, and it can be really tempting to bypass security protocols. One example is just attaching a document to an email saying it off, but obviously that’s really, really straightforward and very convenient to get along with your day, but we need to understand what those risks are. So sharing things essentially as in a public manner. We’ve seen people even share documents just in a public manner, like a publicly access link. So it opens you up to some data scraping. So search engines often index public links, making them a target for scraping tools. We’ve seen malicious actors scare the internet looking for sensitive information. Even something so simple as yes, even though you have a log in to access your files, maybe your password is 1, 2, 3, 4, or the same password you have for your Netflix accounts the client just made for their client portal with you. So these things are out there. So again, very silly things, but very realistic things we’ve seen our customers and their clients have. 


Zack Glaser (08:01): 

We say those are silly things, but they’re not. I mean, those are things that we see all the time, and I really harp on this a lot and the email especially sending an email. Let’s say I’m sending it from Zach at zach glacier law office.com. I know where my email is, I know what it’s going through, but I’m sending it to Jamie attorney@gmail.com. I have no idea who has access to that. If it’s just a regular Gmail account, it’s Google is going through that email. So we already have issues with confidentiality, we might have issues with security, we might have other things like that, but that’s even people trying to do okay by sending things with an email, a text message is even worse. A text message is basically, like you said, sending something in a public manner. But I hadn’t really thought about the idea of if you do have something and you put it on your website, let’s say, and you’re relying on security through anonymity, security through just, nobody’s going to find this, there are things that are built out there to find things like this. You can’t just pop up a website and you pop up a page in your website and say, okay, well that’ll be good because nobody will ever go to that page. Well, if it’s public, somebody will get to that page. So what is the process, or I guess what is the benefit of having something like ShareFile? What does it do that is getting past all of that? 


Laura Kaminski (09:29): 

Sure. So there are, granted, yeah, share sefa also has the ability to do anonymous links, but things that we recommend are requiring login to view files. So I know this one in particular has a tradeoff because it’s requiring your client to have to set up an account and have a login, but really it’s for their best practices to be able to have that gate there. So it’s a very simple thing to do to be able just to log in to view this item here. Another thing employees can do is set document management controls. So the ability to set view or download permission, so this client can only view this, they cannot download this, or here’s a link to view the file. It’s only going to be live for seven days, or it’s maybe not so sensitive. You can have it live for maybe 30 days or two, three months live here. 



Some more advanced things that we’ve had and we’ve had our customers do setting up multifactor authentication. So again, another step that a client would have to, yes, you have to log in and maybe authenticate with another method, but it’s just another fail safe area. And then the last thing is security threat alerts. Something share file has is ability to send out a notification, somebody logged in. Too many times we know my client is in Miami, someone is logging in from India. How can they be in two locations at the same time? There’s something wrong. Let’s go ahead and investigate this on behalf of the client here. 


Zack Glaser (10:49): 

And I think that’s a big thing right now with cloud-based platforms that I’m seeing is honestly I can’t protect my data as well as a company that is paid to protect my data. Having the ability to have somebody else look and say, that’s coming from a very odd IP address at Log, and there’s no way they’re going to be doing that. I think that’s extremely helpful as well. So in this idea of sharing these documents online on the cloud, what are some best practices that people can use or think about as they’re, I don’t want to say dipping their toes into it because I think people are really getting into it now, but as they’re really starting to use these things in their offices? 


Laura Kaminski (11:32): 

Sure. I would say some other basic things to look for is maybe encrypting email content, so sending a secure link via the email. Again, once you click on the link you have to download, but maybe you also want to encrypt the body of the email, so that means the attachments as well as any of the content needs a secure password to view that as well. Something else would be utilize a dedicated project space. So we mentioned client portals previously. This is something again, you just would log in once and then you can see everything, all of your documents, you can maybe organize ’em by certain folders for the different projects you’re working on with that client or even with your own teammates there. 


Zack Glaser (12:09): 

So my client would actually be able to go into this folder area and see the structure that we have in there so they could have a little bit more, I don’t want to say autonomy, but agency in that process. 


Laura Kaminski (12:23): 

So the ability to be able to go into a portal to see everything. The client only has permission to see what you have given that person permission to see. So even if you had a folder at the root level client A, here’s everything, maybe it’s three folders down, that client only has access to view or edit that particular folder. So having those granular permissions is something that’s important to in that collaboration experience. 


Zack Glaser (12:45): 

Okay. Well, so with something like ShareFile, do they also have granular permissions kind of on the other side for me as the attorney being able to limit permissions, limit what files my employees or agents are able to see? 


Laura Kaminski (13:00): 

Yes. On the employee side, they also have permission, so on the actual folder or the file, let’s say I want to collaborate on a file with my peer, we’re trying to get this one document in a good spot before we even bring it out as the official document. We can go ahead and collaborate within share file directly and then lock that folder down, send that file out to the client, and be able to set those permissions just for the client to either view or to download, and then also for the client to send it back with any comments that they would have in that document. 


Zack Glaser (13:32): 

Okay. Okay. So just kind of taking a little bit of a step back, some attorneys, and I won’t name any names, but some attorneys are still worried about keeping their documents in the cloud about the security of that. They feel that having something on a server in their office in a server room or a closet is more secure than having their data in the cloud. I don’t think that’s the case anymore. Do you have any information or something like that on that area or to make people feel a little bit better about that? 


Laura Kaminski (14:09): 

Sure. I can say why they’re concerned. A hot topic everyone is concerned about is the possibility of a data breach, and I’ve seen a stat recently, the daily cost of a data breach in US is over $8,500 a day, and that can be very intimidating, but I would challenge ’em. On the flip side, we’ve seen something from the American Bar Association. 60% of firms are not even taking any precautionary cybersecurity measures, so maybe they would need to move the cloud. They’re in the cloud, they’re not even protecting themselves. One of the main responsibilities is to understand what can really lead to that unintentional data exposure. And what we’ve seen is a lot of it comes to just lack of understanding from their own employee base, or even if they did have proper training, the employees are often cutting corners, they’re overwhelmed with projects trying to get out the door as fast as possible. So a lot of it comes down to utilizing best practices or a tool that has these things built in natively that the employee doesn’t have to think twice about them. What can they do just to seamlessly share files or collect files files without having to think about the process and also just streamlining the employee experience so they can better serve their clients 


Zack Glaser (15:17): 

Well. Yeah, and to kind of jump onto that a little bit, first, a company like ShareFile is it is in their best interest to protect the data where it lives, to encrypt the data and to limit any access and things like that, which is what a law firm would be doing with their own on-premises servers share file is probably better at it than I personally am. The other side though is if you think about this idea of idea potentially having a breach sometime and you juxtapose that with actually having a professional responsibility issue with sending out confidential information via text message, one is a real and present danger. The other is an imagined danger and it is real, but it is kind of an out there danger. So making things easy for your clients or for your employees to continue to be proper as it relates to the rules of professional responsibility, probably a bigger issue then whether or not the balance of which one is more secure, your on-premises server or one in the cloud, and I still want to be clear, I argue that one in the cloud is going to be more secure anyway, provided that it has, like you said, multifactor authentication and is encrypted and allows you to have granular authentication and authorizations. 


Laura Kaminski (16:48): 

Definitely. That’s definitely one of the main things we’ve been focused on is how can we enable our customers to better help themselves have a better client experience, and it’s really streamlining that process for their employees. One thing that’s really cool that we’ve been looking at recently is how do we better enable the line level employee, the one that’s the boots on the ground working with the client to help them give the tools to prevent threats or have that conversation. For example, A lot of times if you do, maybe people already have some cybersecurity policies in place, however, like an IT admin person needs to be the one to authorize certain things. We recognize that the employee is the one that understands that relationship. They know, again, that client is in my city, they’re not traveling for vacation. They always go in June with their family, so they’re reaching if we get an alert, this is not normal. So they have that personal relationship, so what can we do to better enable them to serve their clients? 


Zack Glaser (17:46): 

I think that’s fantastic. And you guys are also creating better onboarding tools to help people serve their clients and get their clients to use these as well. 


Laura Kaminski (17:55): 

Yes. What we’ve seen is client onboarding is probably the most important step in the whole process, and if you don’t get this client and intake process, everything kind of falls apart and it goes back to having that conversation with the client. It’s something that’s free. You don’t need fancy tools to have this very basic thing and setting these expectations. So going back to you’re going to have a login, make sure you set a robust password, you’re going to be getting emails from our client portal tool called ShareFile, for example. You’ll get automated reminders. So having that conversation of what the expectations are, the way you have your document workflows, how that works, and then using your tool to execute those document workflows, the process will go a lot more smoother so they’re a little bit more educated at the front end and know those expectations throughout the whole work process. 


Zack Glaser (18:44): 

Fantastic. Well, Laura, thank you so much for talking with me about document sharing and cloud-based document access and all that. I know at the beginning of this, we were saying it’s an extremely exciting world where it is and it is for me. I really enjoy talking about this, so I appreciate you being with me and appreciate you sharing your expertise. 


Laura Kaminski (19:07): 

Great. Thanks for having me. 


Zack Glaser (19:09): 

If people want to know more, they can go to sharefile.com/industry/legal, and we will obviously put the links to that in the show notes. Laura, again, thank you so much for being with me. 


Laura Kaminski (19:22): 

No problem. 


Speaker 1 (19:25): 

The Lawyerist podcast is edited by Brittany. Felix, are you ready to implement the ideas we discuss here into your practice, wondering what to do next? Here are your first two steps. First, if you haven’t read the Small Firm roadmap yet, grab the first chapter for free at Lawyerist dot com slash book, looking for help beyond the book. Let’s chat about whether our coaching communities are right for you. Head to Lawyerist dot com slash community slash to schedule a 10 minute call with our team to learn more. The views expressed by the participants are their own and are not endorsed by Legal Talk Network. Nothing said in this podcast is legal advice for you. 

Your Hosts

Zack Glaser

is the Legal Tech Advisor at Lawyerist, where he assists the Lawyerist community in understanding and selecting appropriate technologies for their practices. He also writes product reviews and develops legal technology content helpful to lawyers and law firms. Zack is focused on helping Modern Lawyers find and create solutions to help assist their clients more effectively.

Featured Guests

Laura Karminski Headshot

Laura Karminski

Laura Kaminski, MBA, is a Principal Product Marketing Manager for ShareFile, a client collaboration and business-class file sharing SaaS product. With a passion for legal industry customer insights and market analysis, she drives go-to-market initiatives that transform the digital workplace to center around people and redefine the way we work. Laura serves on the ShareFile employee advisory board for charitable giving and volunteering with a focus is on driving K-12 STEM education for marginalized communities. 

Share Episode

Last updated January 5th, 2024