The Challenge
- The firm’s historic solution was expensive and delivered a lesser user experience for colleagues and recipients alike
- Integration with the firm’s CMS, Mattersphere, needed to deliver encryption and robust security for all emails, but also ensure failsafe accessibility in the future
- The ability to send sensitive data protected by encryption and 2FA controls needed to be easy for users
Solution
- With Zivver, clients no longer need to create accounts to access secure emails. Solicitors can protect emails with flexible two factor-authentication controls, depending on the recipient’s preference
- Zivver integrates with Mattersphere, protecting data with advanced encryption but ensuring easy access for recipients and colleagues
- Meeting compliance with data protection is a huge priority for the firm; Zivver supports the team with user-friendly encryption tools and two-way secure communication.
Award winning firm, GA Solicitors, is dedicated to supporting their clients across a variety of areas, from commercial disputes to family law. GA Solicitors emphasise that they are a firm centered around people - a value reflected not only in their service delivery, but in their approach towards IT security and information protection.
We spoke to Steve Turner, IT and Facilities Director, to understand how Zivver supports the firm in meeting their compliance responsibilities by simplifying secure data transfer for their colleagues and clients:
“Before implementing Zivver, we’d been using an alternative email security solution for many years. It’s a solution used widely across the legal sector, primarily because it is used by the courts. However, costs were climbing, and we were seeing some issues with people being able to gain access. Recipients didn’t like having to create accounts to access emails. We found that therefore it wasn’t being used as much as it should. Nobody likes a clunky workflow, clients and lawyers alike. To guarantee a solution is actually used, it needs to be simple. That means that people don’t need to create accounts or input unique codes every time they receive a secure email.”
User-friendly encryption tools
“Zivver stood out to us because of its ease of use for everyone – colleagues and employees. The multi factor authentication is very straight forward and we can choose the authentication method for every recipient; colleagues can send a code by email or text message, depending on the requirements of the client. If we’re engaging with another organisation – a firm, solicitors or an estate agent, for example - we can send a predetermined code which can be used by anyone at that organisation.”
Data loss prevention tailored to the legal sector
“Another area Zivver excels in is human error prevention. The business rules are accurate and reliable. Users are alerted to all kinds of sensitive data including financial information or PII and are notified when it is best to encrypt the email. The rules also act as a useful alert to potential mistakes, so they can revoke data or double check recipients before sending.”
“Rather than enforcing encryption, we prefer to give people the choice; they're advised about best practice, but the onus is on the lawyer to make their own decision.”
“The misdirected email facility within Zivver is also very good functionality, and it does work - it stops major data leaks. Sending an email to the wrong person or sharing sensitive data by accident is very likely to result in a complaint and legislators coming down on the firm. We can’t risk this, so ensuring people have the tools they need to prevent data loss mistakes is essential.”
CMS integration
“We use a case management system (CMS) called Mattersphere. Unlike our old system, the beauty of Zivver is that it saves the email in its original state, rather than saving it and sending out an unencrypted copy to the client. Clients receive encrypted email, but it is easy to access.”
“We also have to futureproof. I need to ensure that every document and email is accessible on our CMS for our clients, colleagues and operational teams. With our historic solution, if an individual leaves the firm, the data on our CMS can no longer be accessed. Again, this isn’t the case with Zivver; lawyers can still open emails. We have cases that run for five years or more, so data needs to be secure but accessible long into the future.”
Two-way secure communication
“Another aspect of Zivver which we love is the large file transfer. We have a data room but we don’t want to use this for one-off transactions. Having unlimited, two-way file transfer capabilities is very beneficial to us. As I look after both security and IT at GA Solicitors, I need to ensure our practice is protected from email interception; I’m conscious of AI, phishing, and spoofing. Using encrypted file transfer is protecting us against these threats.”
“Conversation Starter functionality is also very helpful. With Zivver, we can enable stakeholders to reply to our emails securely. People don’t need to create accounts to do this. Clients often need to send us files; a family client may need to send up to 30 or 40 photographs, for example, and this will breach the limit of an ordinary email exchange. With Zivver, this is easy.”
Supporting compliance under the SRA
“Under the SRA and Cyber Essentials, we have to employ the relevant tools to fulfil security requirements. Zivver is part of this suite, supporting us to meet our legal obligations. Every tool we implement needs to be easy to use, otherwise people won’t use them.”
“We have received feedback from our colleagues and it is generally always positive. I haven’t had one issue with regards to communication or email transfer. We have also received feedback from several organisations that Zivver is a better system to the alternative used predominantly by law firms.”
“Zivver’s system support is also very good, they are more than happy to go the extra mile to engage with the courts on our behalf to assist. They set the example. I would recommend Zivver to any law firm looking to protect their email communications.”
