top of page
Search

Too Secure to Use? Finding the Balance in Legal Tech

A photo-realistic image shows a man kneeling in his backyard, burying an old desktop computer that is stored inside a large black safe. He holds a shovel and is mid-motion, covering the safe with dirt. The lawn is neatly maintained, with a wooden shed and tall hedge in the background. The BlindSpot eye logo appears in the top right corner.

“The only secure system is the one that’s unplugged, locked in a safe, and buried 20 feet underground.”

— Gene Spafford


That line opens Chapter 6 of Beyond the Features, and while it’s delivered with a wink, it captures a truth that many law firms have come to learn the hard way. Security is serious business – especially in a profession built on confidentiality and trust – but there’s a point where it can tip from helpful to obstructive.


The Friction Between Security and Productivity

We’ve all seen it happen. The more locked-down a system becomes, the more likely it is that the people who are supposed to use it will start looking for ways around it.


Let’s be honest: no one gets into law because they’re passionate about password managers and multi-factor authentication tokens. Lawyers want to do good work, solve problems, and serve clients. If the tools they’re given make that harder – not easier – they’ll find shortcuts. Personal drives. USB sticks. Unsecured email threads that are “just for now.”


And suddenly, all that careful security? Undone in a click.


Designing for Real-World Use

This chapter explores that tension: how do we protect sensitive data without creating systems so rigid or complex that they become unusable?


The key lies in designing security that works with people, not against them.


  • Encryption should be automatic, not something you have to remember to turn on.

  • Access controls should be flexible enough to reflect real roles and responsibilities – not a rigid hierarchy that requires six approvals to open a folder.

  • Secure cloud platforms should integrate seamlessly with daily workflows – not sit on the side like a digital filing cabinet nobody touches.


Speed matters, too. If it takes longer to log into your secure system than to draft the document from scratch, your lawyers are going to start looking for the path of least resistance – and it probably won’t be the safest one.


Compliance Without Complication

None of this suggests we can skip compliance. Regulations like GDPR, the Australian Privacy Act, and ISO 27001exist for good reason, and the legal industry must take them seriously.


But compliance shouldn’t mean chaos. The goal is to build systems where meeting compliance obligations is a natural by-product of how the platform works – not a daily struggle.


When security becomes invisible – because it’s well-designed, integrated, and friction-free—that’s when it’s truly effective.


The Human Element of Risk

It’s tempting to think of cybersecurity as a purely technical challenge. But the truth is, the greatest risk is usually the human one.


Even the most secure system will fail if people aren’t using it correctly – or aren’t using it at all. That’s why training, communication, and buy-in are just as important as firewalls and encryption. When people understand not just how to use a system, but why it matters, they’re far more likely to follow secure practices.


Progress Over Perfection

Gene Spafford’s quote reminds us that perfect security is impossible – unless, of course, you’re happy to unplug your systems and bury them in the backyard.


But for the rest of us, the goal isn’t perfection. It’s progress.


We need systems that are:


  • Secure enough to protect what matters

  • Simple enough for people to use without shortcuts

  • Smart enough to support compliance, not complicate it


Because a secure system isn’t just one that keeps the wrong people out – it’s one that helps the right people do their work with confidence and clarity.

A digital graphic with a black background features an illustration of a secure safe with glowing green elements, including a shield, a checkmark, and a padlock. The safe is being unplugged, with two bright green power cords separating below it. On the right side, a quote in white text reads: “The only secure system is the one that’s unplugged, locked in a safe, and buried 20 feet underground.” — Gene Spafford. A green line and the BlindSpot eye logo appear at the bottom.


Get the Book!

Use code BTFEOFY25 to get 25% off the price of the PDF version until June 30th Click the image below to get your copy...


A clickable image of the Beyond the Features book cover. Clicking the image takes you to a page where you can purchase both the PDF and print versions of the book.

Comments

bottom of page