Law firm migrates from Microsoft 365 to sovereign Nextcloud
Law firm (anonymized)
Metrics
- Users migrated
- 62
- Transition time
- 16 weeks
- Licensing cost
- −41%
Challenge
A Portuguese law firm with 62 lawyers and staff worked with public and private European clients subject to strict confidentiality rules. Although Microsoft 365 was technically solid, the partner responsible for data protection repeatedly raised the question of US CLOUD Act exposure - an exposure that, for the legal sector, was contractually uncomfortable to explain to clients.
Approach
We defined three principles:
- Sensitive case data moves to cloud under exclusively European jurisdiction.
- The transition cannot stop work for more than 48 hours.
- The user interface for lawyers cannot be radically different - the learning curve kills adoption.
Stack choice: Nextcloud Workspace (hosted on IONOS Frankfurt, with C5 and IT-Grundschutz) + ONLYOFFICE integrated for Word/Excel/PowerPoint compatible editing + Authentik for SSO. Email migrated to a Proton Mail Business plan with the firm's own domain.
Phased migration in four waves of 15–16 users each, with M365 ↔ Nextcloud coexistence for twelve weeks. Short 90-minute per-lawyer training, focused only on what changed.
Outcome
Migration completed in 16 weeks. Licensing cost per user dropped 41% (Nextcloud + Proton vs M365 Business Premium + add-ons). Zero data-loss incidents during the transition. The firm's DPO delivered a sovereignty report to the bar president documenting that client data no longer circulates through non-European jurisdictions.
Continuous operations stay with us under a monthly SLA.