Industries / Legal
Microsoft 365 for law firms.
Document governance, not document management.
Mid-market firms, AmLaw 200 reach, and corporate legal departments. We engineer the Purview labeling, retention, eDiscovery readiness, and matter-driven SharePoint architecture — for firms running iManage / NetDocuments alongside M365, and for firms running M365 as the primary document layer. Vendor-neutral, no DMS resale.
ABA Formal Opinion 477R (2017) and the 50-state successor opinions establish that lawyers have a continuing obligation to assess and adopt reasonable cybersecurity measures. The bar increasingly defines 'reasonable' through specific technical controls — encryption, MFA, audit logging, sensitivity labels — not through policies on a shelf.
Why labor-only matters in legal
The legal IT market is dominated by reseller-led firms pushing iManage or NetDocuments.
Both DMS platforms are excellent. The friction is the engagement model. Most legal-IT consulting firms earn margin on the DMS license, the matter-management add-on, the email-management bolt-on, and the integration services. That model has merit; it also has structural bias toward the upsell. Labor-only consulting is the alternative for firms that want senior Microsoft engineering without the resale layer.
Pro IT NW does the Microsoft stack. We don't resell iManage. We don't resell NetDocuments. We don't carry partner badges that pay us to land on a particular SKU. For firms that have already made their DMS choice, that means we engineer M365 around the DMS without trying to displace it. For firms that haven't made the choice — increasingly common among smaller and mid-market firms — we engineer the M365-primary architecture honestly, including being clear about where M365 alone hits its limits.
The work happens inside your tenant, under your controls, with engineering accounts you provision and revoke. Privilege handling is a configuration discipline; we work at the metadata and policy layer, not in the underlying matter content. Most engagements complete with zero privileged content ever surfaced to an engineering account — the work is labels, retention, permissions, and provisioning automation, not the documents inside.
Four project shapes
Where we typically engage in legal.
Most engagements draw from one or two of these. Document governance is the most common entry point; eDiscovery readiness and M&A tenant work are event-driven.
Project shape 01
Document governance via Purview
Most firms have years of accumulated documents in some mix of file servers, an aging DMS, OneDrive sprawl, and SharePoint sites that grew without governance. The Purview work cleans that up: a sensitivity-label model that reflects how matters actually behave, retention policies that map to matter lifecycle and bar-rule expectations, and DLP guardrails that prevent privileged content from leaking out of the firm.
- ›Sensitivity-label taxonomy (privileged / confidential / client-restricted / public)
- ›Auto-labeling for SharePoint sites, document libraries, and email keywords
- ›Retention label model tied to matter close-out and statute-of-limitations windows
- ›DLP policies for privileged-content egress (email, Teams chat, OneDrive sharing)
- ›Information-barrier policies between conflicted practice groups (where applicable)
- ›Audit logging baseline with retention sufficient for ethics and malpractice review
Project shape 02
Matter-driven SharePoint architecture
Matter-driven IA is the pattern most legal IT teams aspire to and few actually implement cleanly. The work isn't a one-time migration — it's a provisioning-automation problem. Every new matter spawns a site with the right naming, the right labels, the right retention, the right access model. Done well, the architecture eliminates the cleanup project most firms keep deferring.
- ›Matter-site provisioning automation tied to the matter-management or DMS system
- ›Deterministic naming and metadata model (client / matter / practice group / partner)
- ›Hub-site architecture for practice groups, clients, and matter aggregations
- ›Permissions model — matter team / firm / restricted / external counsel
- ›External-collaboration controls — guest access without privilege spillage
- ›Matter close-out workflow — retention applied, access archived, evidence preserved
Project shape 03
eDiscovery readiness and litigation hold
The technical readiness for eDiscovery is whether legal can preserve, search, and export firm content quickly and defensibly when a hold lands. Most firms have the licensing — what they don't have is the configuration, the role assignments, and the rehearsed runbook. The work is making eDiscovery actually usable on a Tuesday afternoon when the duty partner needs it.
- ›eDiscovery (Standard or Premium) configuration and role-based access
- ›Custodian-management workflow integrated with the matter-management system
- ›Litigation hold playbook with documented preservation evidence
- ›Search-and-export tested against firm's actual content patterns
- ›Audit-trail review for hold-compliance evidence
- ›Integration with outside counsel and external eDiscovery vendors when invoked
Project shape 04
M&A tenant integration
Law-firm mergers and lateral group moves both involve M365 tenant work. The technical pattern is tenant-to-tenant migration with matter-aware sequencing; the legal-side dependencies (conflict checks, attorney mobility timing, post-merger bar obligations) shape the schedule.
- ›Tenant-to-tenant migration of mailboxes, OneDrive, SharePoint, Teams
- ›Matter-aware sequencing — content follows the lawyers and the conflict resolution
- ›Identity rebuild on the receiving tenant with proper role-segregation
- ›Retention and label re-application on the destination tenant
- ›Outside-counsel and client-portal integration on the merged firm's tenant
- ›Phased coexistence over 4–8 month windows for larger mergers
Common configuration patterns
The recurring problems we engineer for in firm environments.
Each of these is a discrete configuration problem with a known solution shape. Most engagements include some combination of them.
Privilege protection in chat and collaboration
Teams chat is where privileged content most often leaks — an attorney quickly answering a question, an administrative team member resharing a thread. DLP policies for privileged keywords plus sensitivity-label inheritance on Teams chat plus retention discipline are the actual controls. The risk is real and the configuration is mostly off by default.
External counsel and client-portal collaboration
Sharing matter content with external counsel or clients without bleeding privilege is the daily reality of firm IT. SharePoint guest access with sensitivity-label enforcement, channel-scoped Teams collaboration, and DLP-controlled sharing are the building blocks. We engineer the model; the firm-level policy on what's shareable belongs to the practice leadership.
Information barriers between practice groups
When the firm has practice groups that occasionally adverse each other, information-barrier policies in M365 prevent accidental cross-group access. The technical configuration is the easy part; the operational policy of who-walls-from-whom is a partnership-level decision the firm makes; we implement it.
Lateral attorney onboarding and offboarding
Lateral hires arriving with their book of business and lateral departures taking a book with them are standard firm reality. The IT-side work is access-provisioning discipline on arrival and content-preservation discipline on departure — both bounded by bar rules on file portability and client choice.
What we don't do
The line between technology engineering and legal practice is bright.
Legal-IT consulting frequently strays into territory that belongs to the lawyers. We don't. The exclusions below are not reluctant — they're the defining shape of the model.
No bar-association ethics opinions.
State-specific cloud-computing rules, attorney-client privilege protections, and ethics-opinion interpretation belong to the firm's general counsel or ethics partner. We engineer the technical controls and document the implementation. The ethics opinion is the lawyers' work.
No DMS resale or DMS opinion-pushing.
iManage, NetDocuments, ProLaw, and the field of legal-specific document platforms are firm-level strategic choices. We don't sell into or out of any of them. We engineer the M365 architecture around whichever choice the firm has made.
No conflict-check or matter-management software replacement.
The conflicts system, the matter-management platform, and the time-and-billing system are vertical platforms with deep workflow integration. We integrate M365 with them; we don't try to replace them with a SharePoint hack.
No litigation-hold legal advice.
Whether a hold is properly scoped, when it should be released, and what spoliation risk attaches to which content are legal-judgment calls. We engineer the preservation and search infrastructure. The lawyers make the calls.
Recent legal references
Anonymized engagement profiles.
No client names. Sector + size + scope. The full engagement notes are on /work/.
Mid-market firm, ~180 attorneys across 4 offices
Purview sensitivity-label rollout + matter-driven SharePoint architecture. eDiscovery (Premium) configuration alongside.
Boutique IP litigation firm, ~60 attorneys
M365 hardening following migration off legacy on-prem file server. Sensitivity labels for privileged work product, retention model.
Two-firm merger, combined ~320 attorneys
Tenant-to-tenant migration over 6 months. Conflict-check-driven sequencing. Post-merger label and retention uplift to combined-firm baseline.
Fortune 500 corporate legal department, ~85 in-house counsel
Litigation hold readiness and eDiscovery (Premium) configuration. Integration with parent organization's existing M365 tenant.
Where to go next
Read the related work.
Service pillar
Identity, Security & Compliance
AD audit, Entra ID hybrid, Conditional Access, Purview. The full identity and compliance pillar.
Read more
Service
SharePoint & OneDrive Migration
File-server-to-SharePoint migrations and SharePoint architecture work for matter-driven IA.
Read more
Service
Tenant-to-Tenant Migration
Law-firm mergers, lateral group moves, and corporate-legal integration with parent tenants.
Read more
FAQ
Common questions from legal buyers.
Are you replacing iManage / NetDocuments?
Almost never. iManage and NetDocuments are mature DMS platforms with deep workflow and matter-management features that purpose-built Microsoft 365 doesn't match. Most of our legal customers either run iManage / NetDocuments alongside M365 (most common) or they've made a deliberate strategic decision not to add a vertical platform and run M365 as the primary document layer (less common but increasingly viable for smaller firms). We engineer the M365 stack for whichever model the firm has chosen. We don't sell the firm into or out of a DMS — that's a firm-level strategic decision belonging to the managing partners.
Can you give us an opinion on bar association ethics rules?
No. State bar association rules on data handling, attorney-client privilege protection, and cloud computing are jurisdiction-specific and constantly evolving — and they're a legal-ethics opinion, not a technology opinion. We engineer the technical controls (encryption, access controls, audit logging, retention, sensitivity labels, DLP) that map to common bar-rule expectations, and we document the implementation. The firm's general counsel or ethics partner reviews the configuration against the firm's specific bar obligations. The technical work is ours; the ethics opinion belongs to the lawyers.
What does matter-driven information architecture actually look like?
The shape varies by firm size and practice mix, but the pattern is consistent: each matter gets a SharePoint site (or a Teams channel backed by a SharePoint site) with a deterministic naming convention, automated provisioning from the matter-management or DMS system, sensitivity labels applied at site creation, and retention policies tied to matter close-out. The result is that every matter document inherits the right governance from the moment it's created — versus the post-hoc cleanup most firms eventually face. The architecture is the work; the labels and retention are the enforcement layer.
Do we need eDiscovery (Premium) or is the standard included version enough?
Depends on the volume of internal litigation hold work and the size of the firm. For most mid-market firms, eDiscovery (Standard) — included with E3/E5 — covers internal matters and HR-driven holds adequately. Firms with frequent regulatory holds, large outbound litigation as part of corporate practice, or AmLaw-200 scale generally benefit from eDiscovery (Premium) for the case-management features, advanced indexing, and machine-learning review. We assess the actual usage pattern first; the licensing recommendation reflects the use case, not a SKU push.
How does an M&A tenant integration work for two merging firms?
Carefully. Law-firm mergers are different from corporate M&A in three ways: (1) attorney mobility means matter content has to follow the lawyers cleanly; (2) conflict-check obligations mean the integration timeline can't outpace the conflicts review; (3) the combined firm's bar obligations may differ from either predecessor firm's, so the post-merger control baseline often needs uplift. The technical pattern is a phased tenant-to-tenant migration with matter-aware sequencing — but the legal-side dependencies drive the schedule, not the technology. Engagements typically run 4–8 months for firms in the 100–400 attorney range.
Document governance project on the runway?
Tell us the firm size, the DMS situation (iManage / NetDocuments / M365-primary), and the project (Purview rollout, matter-driven IA, eDiscovery readiness, M&A tenant). Two-business-day response with scope and timeline.