Many providers to law firms treat their customers with honesty and integrity, however, occasionally you may encounter hostile / predatory providers.

A hostile provider is one that will actively work to make it difficult for the client to leave.  This may include them taking actions like the following:

• Refusing to provide backups of the firm's data
• Providing incomplete backups of the firm's data
• Providing encrypted backups of the firm's data and not sharing the password
• Refusing to allow the firm to make automated backups of their data
• Reducing/throttling speeds so backups will take excessively long
• Disabling user accounts
• Blocking IP addresses
• Actively interfering with the firm's ability to transition to a new provider

Unfortunately, most hostile providers are not savvy enough to understand that, short term, their actions might enable them to hold on to a few extra clients, but long-term, their actions will cause a significant detriment to their brand.

If you are working with a potentially hostile provider, both the migration consultant and the law firm should read this article to understand the best practices for dealing with these situations.  Please note that while these are best-practices, there is no silver bullet for these scenarios: it will likely be unnecessarily time consuming.
 

1.  Never Mention You are Migrating until You are Done

Many providers, even ones that aren't hostile, will start treating the firm differently once they think you're leaving.  Never mention that you are migrating until you have all your data in-hand. 

2.  Never Mention your Consultant, Universal Migrator, or Other Tools

Similar to the above, never mention Universal Migrator or any tools, consultants, or other partners that are assisting in the migration.  Some hostile providers are even known to send "cease and desist" notices to consultants who are helping firms leave.

3.  Pick a Good Project Start Date

You should review your contract and determine your automatic renewal date and the last date you can give a notice of non-renewal.  You should start your migration at least 90 days before you must give notice of non-renewal and you should provide your notice 7 days prior to the contractually obligated date.

4.  For as long as possible, maintain a Friendly Demeanor

Try to keep things friendly with a hostile provider as long as possible.  While the provider might be hostile, (most) of the people working there really want you to be a satisfied customer.  By keeping things friendly and cordial, you can help make the transition less difficult because their employees will want to assist you.

5.  Use an On-Premise Migration Workstation

Even if you are doing a migration from a cloud-based system, you should use a migration workstation that is physically located within the client's offices.  This is done so that the IP address of your migration workstation is the same as normal traffic and will not stand out as a brand new IP accessing the firm's data from a new location.

6.  Use a "Named" Login

Always use a login that is associated to the law firm that has been used in the past.  Specifically avoid using logins like Migrations@SmithConsulting.com or SmithConsulting@LawFirm.com as these will stand out to your hostile provider.

7.  If you get blocked, be a Victim

In the event that the hostile provider blocks a user account or IP address, never mention that you are migrating.  Instead, focus on the extreme inconvenience and difficulty they have just caused your firm. Do it cordially, but insist that the provider reenable your access so that you can get back to work and use their software that you are paying for.

8.  If you get a phone call, be Polite but Insistent

Some hostile providers will act as if they are doing you a favor when they block you from taking a backup.  They may call you and say one of the following.  When that happens, if appropriate, you might consider one of the following responses.  Please note that we never recommend lying.

Hostile Provider:  One of your user accounts has been hacked so we disabled it.

Response:  No that account has not been hacked - that employee is responsible for making backups of our data.  Please re-enable it.  You're keeping him from working and from doing our company backups.

Hostile Provider:  One of your user accounts hacked us so we disabled it.

Response:  We are lawyers - not hackers.  We couldn't do that even if we wanted to.   And I thought your systems were secure.  You're causing a lot of heartache for our firm.  Please whitelist our office's IP address so you never block our legitimate access again.

Hostile Provider:  Using automated software to back up your data is against our terms of service.  They only way to get a backup is to pay us a fee.

Response:  Our bar association/cyber insurance provider/malpractice insurance provider/professional standards of conduct/client contracts/etc. require that we maintain backups of our data.  You have never prevented us from backing up our data in the past.  Please re-enable our account so we can continue to comply with our professional/ethical obligations.

9.  Never Pay a Ransom Fee

Some hostile providers will offer to provide firms with a copy of their data if the firm pays a ransom fee.  Never pay a ransom fee.  In our experience, nearly 100% of the time these backups have something wrong with them such as:

• Data that is missing or incomplete
• Data that is encrypted
• Data that is incorrectly structured
• Data that is old

Most of the time when we've seen a law firm pay a ransom fee, they end up having to pay it multiple times and then not actually being able to use the backup they are provided with.

10.  Only Threaten when Absolutely Necessary

In the event that the polite approach is failing, only threaten the hostile provider when absolutely necessary.  When you do, you may threaten to:

• Report their actions to your local/national bar associations
• Publicly disclose their actions via online mediums
• Pursue legal action against them