Thursday, September 27, 2012

What is the "cloud" and why to we care?

Everywhere you turn today you hear about “the cloud”.  From advertisements promoting how efficient and cheap it is to dire warnings from legal experts about the dangers of compliance issues related to it.  Honestly most of us don’t understand how “the cloud” differs from what we have going on right now.  More importantly, most of us don’t know why we should care.
I care, mostly because I work for a hosting provider and I’m paid to care.  But beyond that, I’m a geek at heart, and while I only understand a small bit of the technology behind it, I’m fascinated by what smart people are able to do with technology. 

Wikipedia defines cloud computing as “the delivery of computing and storage capacity as a service to a heterogeneous community of end-recipients.”  If you’re like me, the first thought that comes to mind after reading that was, “huh?”  A better explanation comes from Campus Technology.  Although it’s geared towards educational institutions, it’s a good read; their piece likens the cloud to a combination of your household utilities, you don’t know how the electricity is generated, but it’s always there when you need it.  In the background, the cloud is using data to provision the right resources to the heterogeneous applications hosted on multiple servers to allow you to access your application or data quickly and efficiently.  You may not understand how the email service works, but it’s always there when you need to send an email.  And now, the cloud has expanded beyond traditional software and a service (SaaS) models to entire platforms and infrastructures (PaaS and IaaS respectively). 

The benefit to the business is that it no longer has to carry the cost and the man power to support the hardware, software, maintenance and other heavy lifting when it comes to applications.  You can use Google docs from any internet connection on any machine, without an individual license for each machine.  Some cloud host can provide the hardware and server software licenses to host your email, accounting, word processing or virtually any other software.  The cost savings is huge.  And because the third party can host data and applications for multiple customers on the same group of machines, it’s a lot more cost effective for them.  As an added benefit, competition amongst cloud hosts mean that the efficiency of the machines being used to host the software and applications is always improving to provide that competitive edge.  Cheaper and more efficient – what’s not to love?

And that’s where all those harbingers of horrors come in.  Did you catch the part where the third party can host data and applications for multiple customers on the same group of machines?  That means no more air-wall between your company’s data and that of third parties.   The data can be accessed from multiple machines with the correct interface, often just a web browser.  It no longer is completely contained on company owned and thus company controlled machines.  The redundancy involved in providing cloud services is a great thing from an IT perspective as it means your data will always be available – but it also means that you can’t just hit delete and have a guarantee that it’s truly gone.  And then there’s the taxing issue, if you were buying those servers and licenses sales and use taxes are fairly clear.  When turning software, platforms and infrastructure into services, it becomes a murkier issue.  While most of that falls on the host, your company may be on the hook for use taxes it didn’t know it was supposed to submit.

With your IT department jumping on the cloud bandwagon and your finance team cheering at the cost savings, how do you protect your company without raining on the parade?  First, as with any critical element make sure you’re dealing with a reputable company.  The cloud may be new, but hosting isn’t.  You should be able to find a hosting company that has a history of providing security, efficiencies and value.  Get an idea as to the level of security protocols in place.  Packages of data should be firewalled and protections should be in place that prohibits other users from accessing your data.  Know where the servers are located and what jurisdiction will govern the data.  For example, the EU has much different data privacy laws that the USA, and where the servers are – not the host’s corporate office or your location will govern. 

Second, make sure that any sensitive data has encryption and authentication built into the application.  Be practical about what your requirements are – if you’re storing customer payment data require PCI level security measures as a baseline.  If you’re storing HR data, require authentication and account logging.  Don’t require Fort Knox for archives of your publically available website.

 Finally, make sure the TOS has appropriate protections – but keep in mind, SaaS and PaaS providers aren’t likely to negotiate much, if any.  And they really shouldn't, their business model is to sell a one size fits all type solution for low margins to a high volume of customers.  Having unique terms for even 10% of their customers will dramatically change the business model and raise the prices. If the TOS don’t match your needs, find a provider that has the terms you do need.  If none do, then reassess whether the terms you are looking for are really needed for practical reasons or academic.  Ask yourself if the cloud is really practical given your company's risk tolerance.  For IaaS, you should be able to negotiate the majority of the terms. 

It’s pretty clear that “the Cloud” is here to stay, at least until the next thing comes along.  By staying on top of the privacy, security and compliance issues you can do a lot to protect your company while taking advantage of the cost and efficiency improvements the cloud can bring.

Monday, September 24, 2012

What's in a name?

When talking to a firm lawyer, you can generally get an idea about their general level of experience, range of billable rate and the extent that they may have decision making ability based on their title.  There are exceptions of course, but for the most part this is true.  It makes it slightly easier when negotiating with them as you already have some basic information about them.  The rest you can generally get off the firm website.

None of that holds true for in house counsel.  Can you tell anything reliable from a title of a staff counsel, corporate counsel, assistant general counsel, associate general counsel, deputy general counsel, director of legal, vp, or division general counsel? Not really.  Depending on the size of the company and the size of the legal department you might have a general counsel with 4-5 years experience negotiating an agreement with a assistant general counsel with 20 years experience.  A corporate counsel may be responsible for managing all legal affairs for the Americas while a VP of Legal may only manage the litigation for their company.  To throw another wrench in the mix, when dealing with start ups, the general counsel may only have 5 years of legal experience, but has been involved in the business since the garage days and understands every aspect of the deal much more than the 20 year vet who only does transactions.  The young GC may also have a lot more influence with the executive team and the board than a director at a larger company whose never met the board.

In the in house world, a title can be absolutely worthless in sizing up the opposition. However, they can be huge negotiating points when hiring on new talent.  Lawyers are by nature an egocentric bunch.  It's why so many of us sign off on letters as "Esquire" (a habit that I always make fun of when I get letters signed this way).  And why some lawyers will ridiculously call themselves "doctors" just because there's a doctorate in the degree.  While we probably aren't trying too hard to recruit those guys, trying to get a qualified candidate to head up your litigation management or to manage the millions of dollars in transactions you do each year is going to be hard if you post an opening for "counsel".

At the same time, you're not doing anyone a favor by hiring a first year and calling him a VP.  Striking the balance between what is appropriate and what is desirable can be difficult.  Especially for smaller companies who don't have large, structured law departments and don't typically pay as well.  A trade off for a higher salary might require a better title.  Which of course might invoke jealousy in current members of the team.  Hiring a new deputy general counsel to manage a specialized, hard to fill area won't sit well with your existing crew if they're all stuck at corporate counsel.

It's a good idea to have a succession plan of titles to give your team something to grow into and achieve.  Having a good set of criteria as to when someone would qualify for the title is critical, as is having a good idea of when to set aside that criteria.  Messaging to your team about what, if anything, the titles they carry convey to the rest of the company is also important.  Keep in mind that the title will also convey a meaning, weather accurate or not, to the outside world.  A world that includes the opposition as well as parents, spouses, friends and family.  Sometimes a nice title is all that's needed to keep a valued employee happy.  

Thursday, September 20, 2012

Things I Never Thought I'd Say

This week I had my monthly lunch with a group of in house attorneys who also happen to be moms.  We try to meet once a month to give each other advice and support on work issues and family issues.  It's usually a very valuable lunch as a learn a lot from these ladies, and have a laugh here and there too.

While sharing stories of the incredible things are kids were doing, I was reminded of a list on Facebook I had seen earlier, "Things I Never Thought I'd Say" as a mom.  It was cute and included things like, "You can have a cupcake if you eat your hotdog" and "Let me smell your hands".  both things I've said relatively recently to Z, my oldest.  So we started talking about things we never thought we'd say as lawyers.

As a eager young first year law student I had an image of what practicing law would be like.  Not knowing any real lawyers before law school, it was an image shaped by tv, famous lawyers and pure imagination.  I expected a very professional environment with lots of respect for the position.
When I started my first day as a "real lawyer" at an internet company I had a very quick realization that my image was all wrong.  In reality, there are a bunch of things that we in house lawyers say on an almost daily basis that we never dreamed of saying when we're in law school.  Here's some of my favorites from our discussion this week.  Feel free to add yours to the comments.

"Put your shoes on."

"Please stop following me with the Justin Beiber cut out, it's creepy."

"No, we can't get a trademark on 'Email Services'."

"Beer Friday's is not permission to have Jack Daniel's Friday."

"No, it's not possible to have a complete review of this 120 page contract done in 2 hours.  Give me 6 and I'll have a redline for you."

"I know you think it's a great history lesson, but lecturing the staff on why Good Friday is a holiday is probably a bad idea."

"No shooting in the face!  Aim for the body or I'm taking your Nerf guns away!" -- okay I may have said that one to Z too.

Monday, September 17, 2012

Overlawyering - Avoid at all Costs!

The fear of all business people working with counsel is overlawyering.  It's frustrating when you're paying someone by the hour to help you complete the paper so you can close the big deal or advise you on the risk of that new product.  It's crippling when it comes from your in house counsel who is supposed to be on "your side".  For in house counsel, overlawyering will get you quickly and permanently removed from the conversation and will force you into a much more reactionary role.

For those of you thinking I just made up the word, overlawyering is when the lawyer aggressively attempts to eradicate all risk in a transaction, document or product.  It's when the 3 page contract you send to them comes back with 10 more pages, or when the disclaimers they insist go with your new marketing campaign take up half the page.  From the business perspective, it's when the lawyers are showing that they just don't get it.

The worst part about it is that all lawyers do it at some point.  There at least one issue that you've had bad experience with in the past that you want to protect your client from in the future.  On this one issue your mind overrides your common sense and tells you that they don't understand that the risk is real and its your job to make everything as risk free as possible.  Only that's not your job.  Your job is to facilitate the business purpose while managing the risk in a business-centric way.

Yes, the indemnity clause could be better.  Yes the limits of liability are way too low if a catastrophe happens.  The proposed marketing plan will always walk the line on what's technically allowable under current regulations.  The new product will have unknown risk associated with it that can't be completely planned for.  The thing is, that business people know there is risk involved.  They want you to minimize it, but know you can't eliminate it.  And they don't want you to.  If it was completely risk free, everyone would do it and there wouldn't be any money in it.  

If you've been accused of overlawyering or know there is a particular issue to which you are sensitive, take more time before answering the question or returning the redline.  After your initial review, take a few minutes to think about the business side of the matter and then re-review.  Put the risk into perspective: how much is to be made on the deal?  What's the real likelihood of the risk becoming reality?  If it does, what's it likely to cost?  Then revise your answer to be more business friendly.  Highlight the risks that you didn't attack in a cover-email or in conversation and ask if the client would like you to be more aggressive.  Nine times out of ten, the answer will be no but you will have shown your business partners that you understand the value of good lawyering and the detriment of overlawyering.

Friday, September 14, 2012

Words matter.

This week my son brought home a flyer in his backpack promoting the schools "Watch D.O.G." program and asking the students dads to volunteer.  The organization is designed to provide strong, positive male role models at the school.  As a concept, we very much approve of the idea and celebrate that at least in our school district dads are seen as just as necessary for a child's success as moms.  However, the flyer was titled, "Calling all Dogs!"  And they lost my husband right there.  He started going off on why men have to be compared to dogs, which usually carries a negative context while the moms are always given positive monikers.  It offended him deeply.  Now maybe it's part of his own issues related to being an early adopter of the stay at home dad phenomena. Maybe he's the only person in the history of the program to draw that connection.  I doubt it, he's not usually the super sensitive, politically correct type.  Either way, it illustrates the point that words matter.

As lawyers, we very carefully choose our words when drafting a pleading, a contract or an email to a client or opposing counsel.  We may be less careful when communicating with friends, family and co-workers, or when communicating things that don't have "legal" significance.  One of the soft skills they don't teach you in law school is how to perfect this second type of communication.  It's easy to fire off an email to a co-worker about a non-legal issue without thinking about how your word choice may change the way your co-worker receives the message.  It's often words that invoke an emotional reaction from the reader that may hijack your message and turn it into drama.

I'm not advocating spending the time and care in crafting emails about lunch as you do in crafting complex contracts.  But you should get to know your co-workers and colleagues enough to know what their sensitivities.  For those you don't know well, format your communications as if your target audience is your grandmother.  (Proper grammar and all!)  You may just avoid having that email explaining why someone was not invited to a meeting turn into World War III.  

Monday, September 10, 2012

Having it All

Last week I went to lunch with a bright young lawyer who was struggling with finding the right fit professionally.  Among her concerns was the fact that she wanted to start a family, and had to consider the timing of that so as to minimize the impact on her career.  After leaving that lunch I had a conversation with my aunt, who is not a lawyer, about how work life has changed and hasn't changed for women.  The more we talked, the more I realized that the things that make it possible for a woman to be successful and "have it all" are the same things required for men - men just don't publicize it.

Every successful working mom I know has followed one of three paths; they either have an incredible support network or spouse carrying the heavy lifting on the domestic front, have held off on really focusing on their careers until the kids are older, or have held off on having kids until after they've reached some measure of 'success'.  The same can be said for all of the successful working dads I know - the majority have wives that support their career by taking on the majority of the domestic responsibilities (this is regardless of whether they work also or not).  But no one makes a big deal out of it when a man does it.  And no one asks him if it's hard to miss out on the soccer games and PTA like they're looking for some reason to diminish his professional success or guilt him for his lack of patriarchal involvement.

Similarly, when I had each of my kids I know I suffered the physical affects of birth and sleep deprivation from having a new born.  But so did my husband.  He was up with the baby as often if not more often than me, and he had to deal with the toddlers we had at home as well.  So why is it when I wanted to work while on maternity leave after the birth of my second child I got a lot of condescension from superiors about how hard it was to have a baby and instructions to "enjoy" the time with my new blob of sleeping, eating, pooping joy?  While at the same time, a male colleague having twins the same month was harassed for wanting to take a month off to get in the rhythm of new family life?

It's true that in order for any of us, male or female, to "have it all" we need to have a network of support that allows us to reach our potential while not punishing us for trying to achieve balance.  And that, dear readers, is where the purpose of this post lies.  Most in house lawyers are leaders of some kind within their respective companies.  Whether you're the GC, a managing lawyer or just staff counsel, people within the company look to you and the legal department for guidance on a variety of things - some not very legal in nature.  So the first step to achieving an environment where we can all have it all is to be the example.  The legal department should support the flexibility required to maintain a family and a career without judgment while at the same time understanding that it looks different for each person depending on their situation and personality.  It was unfair to belittle and punish me for wanting to get back to work quickly and to harass my colleague for wanting more time with his twins.  We each had different support networks in place at home, different experiences (my second, his first) and different working habits.  Effective management would be to offer equal flexibility, but understand that it looks differently for each employee.

Second, when the HR team or other business unit looks to you or the legal department for guidance on policies, be an advocate for flexibility.  While it's not a strictly legal standard, you can influence the decisions made by pointing out the benefits of assisting your employees to have opportunity to both build their career and their families.  Encourage your leaders to recognize productivity and efficiencies rather than pure hours in the office and face time.   It is definitely important to hold your employees to high standards, but less important on how they meet or exceed those requirements.

We're a long way from anyone getting to truly "have it all", but working together to change the conversation will definitely push us in the right direction.

Tuesday, September 4, 2012

Art of Networking Part 2

All 3 of my faithful readers will have noted my absence last week - sorry, I was laid up with a serious strep infection and barely conscious.  I did write this article first last week, but after reading it while not heavily drugged, I realized that I really shouldn't post anything I write while under the influence of anything.  So here's take 2 on the promised follow up to why networking is important. Thank you for your patience.

Art of Networking Part 2 - a.k.a. How the hell do I do it?

We all agree that networking is extremely important for lawyers.  Firm lawyers need to network to generate more business.  In house lawyers need to network to expand their resource network as well as stay poised for that next position.  We also all agree that networking can suck.  Going to after hours happy hours with people you've never met to talk about the only thing you have in common - the law can be mind-blowingly dull.  However there are ways of making it much more productive.  I've polled some of the best net-workers in my professional network to get some advice on how to make it work.  Much of this is stuff you've probably heard before, but there's a reason for the repetitiveness - it works!

K Royal, Privacy Counsel at Align Technology gives a networking primer for new law grads.  While she has a great ice breaker built in (yes, her name really is just the letter K), she offers other practical tips on networking.  Starting with, you are ALWAYS networking.  Stephanie Sandell, Conflicts Counsel at Snell & Wilmer agrees, she does the most "networking" within her firm.  Every person you meet is a potential contact within your network. Even the girl getting your coffee at Starbucks. Act accordingly.  K also advises to network at all levels, not just other lawyers or executives.  You never know who is connected to whom, or who holds the real power in an organization.  I always make a habit of getting to know the admins of every department/executive I work with.  Often times they have a ton of insight into the total picture of how a company is run as well as who the power players are.

As much of a chore as networking is, it is important to remember that the process isn't about you, it's about the other person.  K recommends that you learn who they are and what interests them.  Find out what you can do for someone else.  That will create an enduring memory of you, and when the time comes - if it comes, they will be more willing to lend you a helping hand or send business your way.  Nicole Sallie Franklin, IP Specialist at Facebook, agrees.  She recommends going to each event with the mindset of "how can I help someone else" to alleviate the performance anxiety of networking.

There was some disagreement among the 'experts' on how often to attend networking events.  Nicole encourages you to skip things if you're not feeling up to it.  As the impression you leave on others if you're having an off day may not be the one you want them to have. Christine Jones, former General Counsel at encourages you to go to everything you can.  Attending a wide variety of events will expose you to many different people and open up more opportunity.  Conny Ruthven, General Counsel at Ad Revolution recommends a compromise - partner up with a friend.  Having plans with a friend is a lot less intimidating than going to a networking event, and you'll be less likely to want to bow out.  She also highly recommends not keeping it to official "events" as a normal old dinner party can create some very valuable contacts and friends.

Once you've made it through the door, don't undo it by doing nothing.  Just showing up is not enough, you have to work the room.  Everyone agreed that while you should acknowledge the people in the room that you know, sit at a table with people you don't.  Christine recommends working the room like the host.  Offering to get a drink for someone may take off the pressure of randomly introducing yourself to a stranger.  I get nervous in a room full of strangers, and am not nearly as charming as Christine.  So I make it a rule to try to get to know one new person at every event.  Limiting my goal to one person out of the room takes the pressure off of having to work the crowd and allows me to find someone who I may have something in common to talk about (kids is a big one these days).

The biggest key to successful networking isn't what you do while at an event or while talking with that potential contact, it comes the next day with the follow up.  If you don't follow up with the contacts you make, you'll always be that nice girl/guy they met at that dinner.  Following up sets the expectation that you want longer term interaction.  K recommends waiting until the next day to follow up with an email, noting that sending it the same night might be a little stalkerish.  Nicole agrees, and recommends adding your LinkedIn profile if you'd like to add them as a connection there.  Everyone agrees that adding a personal detail about the conversation you had to help them remember you from the sea of other would be net-workers is a must.  This shouldn't be a request for free advice or a job, rather something that reminds them of the conversation and you.  You may even offer some information that follows up on the conversation, in my case the contact info for that pre-k program or an email introduction to a mutual friend with a lunch invitation. Follow up again in about a month with additional information or an invitation to coffee for catching up.  You'll be amazed at how easily you can turn these contacts into friends and how quickly your network grows.

Have advice we haven't gone over yet?  Please share in the comments.