Latest News

Microsoft & Sharepoint taking over the legal world – part #98

We know this is like a red-rag to some of you DMS olde timers but here's a new case study – see attached PDF – from Microsoft looking at its recent Sharepoint project with Clifford Chance. You can read the document yourself but there are two points to highlight…

• the firm has “outlined an ambition to host all of its enterprise data in the cloud by 2014” (it has also calculated that its total document archive will comprise more than 11 terabytes of data by 2015)


• its new Sharepoint Server 2010 project means it will be able to “retire” its current OpenText DM5 document management platform

Comment: So the largest law firm on the planet is dropping its traditional DMS in favour of SharePoint – and this puts all the critics of Sharepoint where?

15 replies on “Microsoft & Sharepoint taking over the legal world – part #98”

Lots of questions raised by the article, not least cost and infrastructure reliability around the World, but it would be of most interest to hear some reaction/views from Opentext and Autonomy. (and their shareholders!)

I'm not too sure I would have opted for the File As You Go acronym.

I'll be upfront here just so you all know – We use Sharepoint for both our internal and external DMS content. Now, having said that, there will certainly be interesting times ahead for all DMS providers. Clifford Chance have taken the opportunity to jump from an older DMS to Sharepoint, they have the resource to do so and the benefits of doing so would have been substantial. Jumping to Sharepoint from a newer DMS with less resource would need some substantial benefits over that newer DMS to justify the jump, so it doesn’t look like DMS market leaders are facing a mass product exodus this year. Those substantial benefits (a.k.a. improvements to products) are the things that will make the times ahead all the more interesting. Whether Microsoft produces some really neat professional services style Sharepoint integration of its own or whether a niche Microsoft Sharepoint Development House does it and corners the market remains to be seen. What is plain is that the other DMS providers now ignore Sharepoint at their peril and are faced with three options:
Provide substantial and new benefits that Sharepoint cannot offer which will at the least slow the rate of attrition.
Develop their DMS offering to provide the features that are integral to Sharepoint but not to a traditional DMS and compete with Sharepoint head to head.
Integrate with Sharepoint to the nth level and consequently get bought by Microsoft.
So to conclude: “May they find what they are looking for, may they come to the attention of powerful people and may they live in interesting times.”

I saw someone write that they'd be interested to hear some reaction/views from OpenText or Autonomy. Well, I work for OpenText and as far as one can communicate in a blog comment here's my view. 🙂
SharePoint is a player in the DMS space whether you're talking about the legal vertical or any other. The real questions revolve around what your 'do or die' required DMS features are and whether you need them as close to 'out of the box' as possible or you're willing to pay to get them. When SP2007 arrived there was mass discussion about how it was going to run all over all the traditional DMS vendors and take over the world. Didn't happen. Same discussions, to a lesser degree, have occurred since the release of SP2010. Will it be the version that tips the scales? Maybe, maybe not. I still believe, and my experience has shown, that people will buy the product that best suits their specific requirements…business and technical. Specifically in legal, so far over 90% of all the firms we work with who have evaluated whether or not SP2010 could be their full-time DMS have come back and said “no, but we will use SP in XYZ capacity and the best solution for us is integrating our traditional DMS with our SP strategy,” or something to that effect.
So, that brings me to this MS whitepaper and what CC is doing. CC has obviously made the decision that SP2010…and most importantly the customizations being done to meet their specific requirements…is the strategic direction they want to go in. What the whitepaper does not delve into is what the costs are to make SP2010 do everything CC wants/needs it to do. The paper states that CC took 4 months to evaluate…as their legacy vendor I know they have been evaluating SP for much, much longer than that. As for the costs, I have no idea how much, if any, MS is charging CC for the entire project (as a vendor, I can guess…and it wouldn't cover lunch 🙂 ) but based on what I do know about MS professional services and dev bill rates it has to be seven figures that MS has put into the project to date.
Finally, on topic of what will legacy vendors do…. At OpenText we have practiced a 'Better Together' partnership with MS for a number of years now…and it has worked very well for us. In our Legal Solutions group we offer two different approaches for document management with SP technologies. One, is to provide very deep, very robust integrations with our legacy eDOCS product. Here, our customers can use simple webparts to securely expose eDOCS managed contnet in SP, or they can have invisible consumption of SP content into eDOCS. The other approach is our Legal Content Management product which is based entirely on SP; that is, we don't try to enhance the core DMS functionality of SP at all. Instead we make it easer for customers to repeatedly and efficiently deploy matter sites and doc libraries in SP. And behind the scenes, we can offer the scalability and records compliance where SP does sometimes fall short.
Our strategy is not to be competitive per se, but sometimes it will just happen…that's life. It's incumbent on us to provide all the possibilities for our existing and future customers and I like where we're at today…and I like where we're going as well.

It's hard for me to get enthusiastic about this without details of the security migration. To me the most interesting, difficult, and important aspect of this project is security–a subject frighteningly absent from this white paper. How in the world do you move 25 million documents from one security model to another very different one without drastically affecting access at the document level? Was there some method of evaluating each document for changes, or did they just “wing it?” We are a much smaller firm, with far fewer documents in DM5. It took me about an hour of querying our DM5 security structure to realize that it would be impossible to exactly replicate the legacy security on documents brought into SharePoint. So what compromises/accommodations did Clifford make for security, and what's it costing them?

The real point here is ease of use and total interconnectability with your interface of choice. Like it or not by adopting a standard, EG, Microsoft you enhance the ability to interconnect between different applications, data and devices.

Was it Jan that famously said, nobody ever gets fired for buying Microsoft? As someone who is actively considering implementing a new DMS in the next 12-18 months I have to say I find the news that MS are making inroads into the legal sector very exciting. I have also seen the offering from Workshare (built on sp2010) and again am initially impressed.
Like them or not (and having just reviewed my licensing models im in the not like camp at the moment!) they are here to stay and will cause massive change, mainly for the good.
What would be nice to see would be vendors, and not just the usual suspects, working with MS on this.

CC writes: Here's a comment by Jan Durant that our blog platform stalled over… “We have brought across all the legacy security from DM5. Call Sword and talk to them about the synchronisation/migration tool they now have !” (Blame our crappy not Jan)

The picture I'm putting together is that Jan Durant is an IT person at Lewis Silkin who is referring to the fact that Lewis Silkin “brought across all the legacy security from DM5” using a tool by Sword. It's believable to me that a 250-employee firm with a light document count and little or no “deny” permissions on the legacy docs could completely reproduce DM5 permissions using native SP security. Much more difficult to believe when the firm has thousands of users and 25M documents. We are twice the size of Lewis Silkin, with maybe 5M documents, of which about 100,000 have “deny” rights in DM5. A second question would be: how do you verify that document security has been successfully “brought over?” This is a pretty deep mathematical task, and to demonstrate equivalence, you'd need to effectively generate two lists, each containing the cross product of usersXdocuments, and run them up against each other. Is anyone actually doing this? Does anyone know how to do it?
I'd love to hear from someone at Sword about their product and how it works, and I will reach out to them. In the meantime, if anyone here has a contact there, please invite them to share, or please share any details if you know how their solution operates.

Anna here – “Wing it” Lewis Silkin did not. I was involved in designing and writing the migration process. Having worked for Hummingbird for a number of years, understanding the security model and planning how this was to be transferred across to SharePoint was planned like a military operation. Proof is in the pudding – all transferred across successfully with security intact.

Hi, its Terry Coyne from Sword here, I am the key point of contact for our Excalibur SharePoint DMS plus other Legal services we offer including migrations (not just SharePoint) plus SharePoint 2010 portals (internet/intranet/extranet), SharePoint workflow/BPM and Document Imaging/Capture. please feel to email me at or call me on 07768 545931. Thanks.

Thanks for chiming in Terry. I've sent you an email with some specific concerns and questions. I'm on vacation all of next week, but I would gladly continue this dialog during that time.

Thank you, Anna. Sorry to be jumping back into this thread three weeks late. I was on vacation for a week and it took two weeks to dig out, but I'm still interested in this topic and grateful for your input. Could you provide details of the Lewis Silkin migration, such as
1) how many documents were migrated in total?
2) how many of those documents were “wide open” (i.e. accessible to everyone)?
3) how many of those documents carried “deny” rights of any kind?
4) how many new SP groups were needed to recreate the legacy security?
5) what's the maximum number of SP groups that any one user belongs to now?
6) how many new SP groups do you expect to create over the next 5 years?
For me, SharePoint’s lack of “deny” rights is the thorny issue. In situations where denials are applied to tens of thousands of documents in DM5, I’m afraid it will be impractical or impossible to exactly replicate security in SP. Some of us who want to do what you've done may answer questions 1-3 in ways that are incompatible with Sharepoint's capacity to handle 4-6 (see, and even when exact security equivalence can be attained (i.e. a perfect user-document mapping on the day of migration), I don’t see how the equivalence can be maintained into the future, as new users enter the pool, without sophisticated or burdensome means to maintain current membership in thousands of groups and access lists (which lists and groups DM5 avoids by virtue of “deny” capability).
If Clifford Chance migrated 25 million documents into SP without conceding or compromising security in any way, I think they must have gone a mighty distance around or beyond SP native security in order to do it (and if they’ve circumvented or augmented native SP security, is it accurate to say they’re using “SP as a DMS”?). If I were planning today to migrate and manage a legacy DM5 collection in a SP environment, I would consider security my biggest hurdle, by far. And if I found a way to get over it in style, I would spend 40% of my white paper bragging about it. I’m astonished that security warrants only one mention and zero details in their white paper. Is no one else interested in security?
BTW, while on vacation I did have a 30-minute conversation with Terry Coyne and one of his technical colleagues from Sword. I found them knowledgeable, gracious, and realistic about their challenges and opportunities. I think they have much to offer, and anyone who’s ready to leap would do well to call Terry first. Sword may have useful solutions for many customers in many situations, but Terry did not suggest to me that they presently have the generic ability to take any and every DM5 security configuration into SP. I will send him a heads up about this post and invite him to comment.
I would be glad to discuss in greater depth the difficulties I see in the DM5 -> SP security migration, and would also like to hear other concerns and approaches to the security question.

Comments are closed.