Secure client collaboration platform replaced an insecure email-attachment culture
Legal · Toowoomba · 11 lawyers, 7 support, 1 office
The Challenge
A Toowoomba law firm specialising in family and property law was emailing 50+ MB of contracts, settlement statements and discovery materials to clients every day. Several clients had complained about emails bouncing back, while the QLS had recently published guidance flagging email-attachment practices as a confidentiality risk. The senior partner asked us bluntly: 'How do we stop being the weakest link?'
What We Did
We deployed Microsoft 365 Business Premium across the firm with sensitivity labels and DLP rules tuned to the kinds of documents lawyers actually exchange — contracts, statements of claim, trust account documents, ID. Each client now gets a private, branded SharePoint portal where documents can be shared with watermarked downloads, expiry dates, and full audit logs. Email-attachment auto-conversion to portal links was switched on for any file over 5MB. We also tightened MFA, added phishing-resistant authentication for the partners, and built a quarterly security review cadence.
"Our clients actually thanked us for the portal. We thought it would be the unpopular change — turned out it was the most-loved upgrade we've done in five years. And we sleep better knowing the partners aren't accidentally CC'ing the wrong person on a settlement."