Category: Contract Security
Do DNS attacks mean you should have a backup plan?
Last week, DNS attacks leveled key gateways leading to dozens of outages amongst business applications. For so many companies who have become dependent on SaaS applications or cloud-based services it was a scary event that at a minimum led to a loss of productivity.
Do DNS attacks qualify as a disaster?
They can. There is no guarantee that a provider can get back up quickly. Many of our competitors tout they are “cloud only” and bragging that on-premise software is dead and buried.
We offer a web-based solution, but allow customers to deploy in their private cloud, the public cloud or on-premise. In the event of a disaster, our customers can re-deploy their applications and recover their data to a protected, in-house offering. Sure, it’s not immediate but it beats never knowing if you can get back up and running.
Make sure you protect your contracts. The Cloud is great, but without a backup option you won’t end up with sunny skies.
To find out more about how you can protect your contracts with Exari, click here.
Are you still drafting thousands of contracts manually? In Word? Or storing multiple versions of paper contracts in a filing cabinet? Well, you’re not alone.
Exari recently surveyed 92 Corporate Counsel and compliance professionals about their habits and challenges for contract creation, storage and legal technology. More than 75% reported that they were still creating contracts in Microsoft Word, using some form of “copy and paste” template, while only 1 out of 10 currently use a document generation software to streamline the process. Half of the participants (47%) said they were still using paper filing systems to house corporate contracts. Their top pain points included:
- Slow contract approval processes (59%)
- Little or non-existent insight into risk (39%)
- Missing key milestones (27%)
- Difficulty with internal collaboration (25%)
- Risk of error (23%)
With outdated practices for generating and storing contracts, you’ll lack complete visibility into all of your agreements, increasing your risks such as liability, being underpaid or overcharged and missing key milestones. By implementing an efficient contracting process, you won’t miss a step. Not to mention you’ll be able to pull information during a crisis in minutes, rather than taking hours to dig up and sift through multiple paper copies. Avoid missing renewal rates, reduce the length of sales cycles, streamline negotiations and increase internal collaboration.
Doesn’t that sound better than the ol’ “copy and paste”?
Who cares, you ask?
Well, you should.
Every business runs on contracts. And every business knows their customers (CRM) their accounts (financials) their suppliers (procurement) and their employees (HCM). What do all of these have in common? They are ruled and governed by contracts.
It’s a fact: most companies don’t know what’s in their contracts. Revenue. Risk. Obligations. Miss a commitment and you could lose a customer, an important relationship, your reputation, your job.
Enter Exari Contracts Hub.
With the Hub, you can store and analyze your contracts in a user-friendly and completely secure hosted environment. Using Exari’s patented technology, you can quickly and easily enter your contract data through our unique interview process or use one of our partners to do it for you.
Why the Hub?
We’ve heard over and over again that most contract lifecycle management solutions enforce burdensome workflow, proprietary data stores and cumbersome user interfaces. What do most companies want? One place to go to store, search and analyze their contracts.
Exari Contracts Hub is that place. Easy to store and search contracts. Easy to report on the data buried within. Easy to use for any business user and at a price point sure to make the CFO smile.
Hedge funds deal in risk: it’s how they make money for their clients, it’s how they build and prosper. But while hedge funds and asset managers may be experts in managing financial risk, they must come to grasps with the new and evolving risk that threatens their entire business model: the risk of a hack.
Our fearless founder, Jamie, was recently interviewed by online magazine ThinkAdvisor, a self-described “thought leadership destination for financial advisors,” about what hedge funds must do to prepare for cybersecurity threats. Cybersecurity is a topic we at Exari are quite familiar with: our products are designed to provide the contract visibility financial firms need to prepare for and recover from hacks and breaches. We’ve written about it before and we’ll write about it again, as long as threats continue to jeopardize the information and wealth of companies and their clients.
As cyberattacks continue to evolve (see: the recent hack of up to 100 banks), it is increasingly difficult to remain ahead of the threat. The best way for financial firms to prepare is to know as much as they can before an attack occurs, both so that they know where their weaknesses are so they can be remediated, and so that recovery is a reality, not merely a plan. Indeed, FINRA’s executive vice president and chief information officer, Steve Randich, said at a cybersecurity conference held recently in New York by the Financial Industry Regulatory Authority (FINRA) and the Securities Industry and Financial Markets Association (SIFMA) that firms must accept “that breaches will happen,” and that they should focus “not just on prevention but the response” to cyberattacks.
Hedge funds and other financial institutions require complete contract visibility to combat cyberattack for three key reasons:
Responding to Threats
Firms must know where risk lives in their client contracts so that they know where to look to satisfy customer and regulator obligations in case of breach. After all, the firm’s response to a threat will depend on their contractual obligations to clients. In order not to expose themselves to the further risk, firms must be aware ahead of time of the level and timeframe necessary for disclosure in the case of breach. Firms must also be able to instantaneously assess the reach and consequences of a threat so they can avoid unnecessary – and potentially devastating – disclosures to clients and the public where they are confident the threat was benign.
Managing Third Party Vendor Risk
Firms must have full visibility into their supplier contracts, because no matter how well they may attempt to defend against hackers, the third parties they engage may not have such stalwart measures in place. Firms must be able to identify which of these vendors lack adequate data security, and fix the issue before it becomes as disaster. “You assured the investor you would meet all these levels of security,” says Jamie, “but if you now have a network of dozens of suppliers and they’re not under the same obligations, then you’re automatically in a precarious situation because you haven’t properly understood the weakest link.”
Regulators will come after un- or under-prepared firms. “Understanding the contracts with the investors tells the hedge fund what it has agreed to do,” according to Jamie. “Understanding the contracts with the suppliers tells it what it has passed down the line, and allows it to plug any gaps quickly before something bad happens.” This ability to quickly assess client obligations across hundreds or thousands of individual, negotiated contracts, can only come from having a Contract Lifecycle Management (CLM) system in place that collates all contracts and contract data in one central, searchable online repository so that the information firms need is just a few clicks away.
We’re living in the brave new world of big data. It’s here, it’s real and it’s already changing our lives in awesome ways. With all of its potential, though, comes the fear that the vast stores of information institutions hold will be used for malevolent purposes.
The news has been filled with stories about data breaches, DDoS events, and other IT attacks. A quick flip through recent headlines recalls the punishing hacks of EBay, Home Depot, Verizon and P.F. Chang’s. According to Forbes’ assessment of the first half of 2014, “Criminals are stepping up their game and data breaches are becoming both common and devastating.”
As shown by the high-profile – not to mention highly embarrassing – breaches of the past year, even the biggest organizations cannot completely shield themselves from a cyber-attack or data breach, the risks of which are too obvious and numerous to mention. After implementing oversight/prevention strategies (outlined here by the Department of Homeland Security) the best thing executives can do to mitigate risk associated with cyber threats is to be prepared for them.
In our last post we began a discussion about the relationship between legal technology and the perceived threat it poses to lawyers’ job security. We noted that claims abound warning of technological advances that will all but supplant lawyers and – gasp! – even law firms.
So what’s wrong with this notion of “robot lawyers”?
To oversimplify, the law is a human thing. Technology is a great enabler, allowing humans to focus less on the necessary cumbrous bookkeeping, administrative and practical tasks, and more on the law.
Laws regulate people (and, lest we forget, the corporate ‘person’), and are written, interpreted and enforced by people. No matter how regimented and rote, the law and its application contain degrees of reason – human reason – that algorithm cannot account for. These limitations become even more pronounced as complexity increases. And whenever reason comes into play, technology can only support – but not supplant – flesh and bone legal professionals. The real question, then, is what aspects of the law depend on human reason? Turns out, almost all.
Let’s set aside the obviously humanity-centric areas such as Constitutional and Family Law, and go straight to the heart of the beast: contract law. Technology can – and does – play an increasingly important role in contract law by enabling streamlined contract creation, tidier negotiation, intricate contract data-based reporting, and overall visibility into the lifecycle of a contract. But, in contract law as elsewhere, technology is only as useful as its use by lawyers is consistent and deliberate. Plus – and this goes without saying – it takes skilled people to create the rules, logic, and enter the data that make the software run and keep it running.
The Contract Shield: How the Management of your Contract Portfolio Protects – or Exposes – your Business
Contracts contain a wealth of information that tell you what is going on in your business. When properly drafted, negotiated and managed, they also defend your business against risks such as liability, being underpaid or overcharged, and a wide variety of the unknown and unforeseen. In short, contracts protect against risk by giving you the information you need both on an everyday basis and in times of crisis, when speed, decisiveness and certainty are key.
We have just read a very interesting post on LawSites by Robert Ambrogi that provides his thoughts on the 10 most important legal technology developments of 2013. At Exari, we’ve experienced many of these trends firsthand by working closely with dozens of leading companies on their document assembly and contract management challenges.
Imagine the following scenario: You’ve been negotiating hard on a big deal for weeks. Late nights, heated disputes, neither side giving an inch. Finally, miraculously, a compromise is reached, all parties are equally dissatisfied and the contract is inked.
We live in a litigious world, and most businesses are dealing with contracts that are both more numerous and more complex. So there are many good reasons to automate and improve the way those contracts are managed. In no particular order, here are our top five: