Home / Industries / Legal, Accounting & Advisory
Industries · Professional firms

IT support for professional firms where client work, evidence and access have to hold

Legal, accounting and advisory firms are under more pressure to prove that their systems, access and client-data controls are working.

Professional firms still run on client relationships, technical judgement and deadlines. But the technology behind that work now carries more of the operating risk: who can access client files, how documents move, whether Microsoft 365 is secure, whether backup can recover the right data, whether AI is being used safely, and whether the firm can evidence its controls when asked.

Inlight IT makes that environment more secure, supportable and easier to evidence — across Microsoft 365, identity, secure access, document systems, practice platforms, cybersecurity, backup, recovery, workflow automation, governed AI and the vendor layer around them.

Sydney & Newcastle Engineering-led, cyber-first Essential Eight-aligned evidence
1 Jul 2026AML/CTF Tranche 2 obligations now in force for affected firms
7-yearrecord retention for AML/CTF customer records
Essential Eightevidence expected by insurers and larger clients
Professional firms we support

Law firms, accounting practices and advisory firms

Professional firms share the same pressures — client confidentiality, deadlines, document-heavy work, external collaboration, insurance evidence, access control, backup and vendor complexity. The details differ by practice type, so we support the technology environment around the way each firm actually works.

Law firms

Matters · Confidentiality · Evidence

Law firms run around matters, deadlines, client confidentiality, partner oversight, document control and fee-earner access.

We support the IT environment around matter files, email, secure sharing, client portals, discovery material, cyber insurance evidence and controlled AI use.

Microsoft 365LEAPActionstepiManageNetDocumentsSharePointTeams
Common areas we support
  • Matter-level access and permission control
  • LEAP, Actionstep and practice-system support pathways
  • iManage, NetDocuments, SharePoint or hybrid document environments
  • Secure client, barrister and external adviser sharing
  • Cyber insurance evidence aligned to Essential Eight expectations
  • Governed AI, AML/CTF and APP 1 evidence support
The practical outcome: better matter access, less evidence scramble, stronger client confidentiality — and document-heavy work that stays supportable.
How Inlight IT helps

Practical IT support for professional firms under evidence and workflow pressure

Professional firms do not need more technology noise. They need the systems around client work to be secure, understandable, supportable and easier to evidence. We help with the practical operating layer: access, documents, identity, Microsoft 365, security, backup, recovery, workflow, AI and the vendors around the firm.

AML/CTF intake, screening and evidence capture

AML/CTF Tranche 2 obligations are now in force for certain services provided by lawyers, accountants and tangible-property advisers. For most firms the operational impact sits at intake: due diligence, PEP and sanctions screening, approvals, transaction monitoring, suspicious activity reporting and seven-year record retention.

We design the technology layer around that workflow — Microsoft 365, SharePoint, Lists, Teams, Power Automate, practice systems and controlled integration with screening tools.

The aim is not to make compliance feel bigger — it is to make the process controlled, repeatable and easy to support.

Cyber insurance evidence and Essential Eight alignment

Insurers and larger clients now ask for evidence, not assurance: MFA, privileged access, patching, endpoint protection, backup, restore testing, incident response and broader Essential Eight alignment. A firm can hold the right controls and still lose days assembling proof from screenshots and partner-by-partner email trails.

We keep the evidence current — MFA coverage, Conditional Access, patching position, backup and restore evidence, Microsoft 365 posture and incident-response documentation.

The firm should not discover its evidence gap when the broker questionnaire arrives.

Governed AI inside firm-controlled systems

AI is already inside professional work — summarisation, drafting, research, briefing notes, correspondence and knowledge retrieval. The risk is not that AI is useful; it is unmanaged AI touching client data or old document stores with permissions no one has reviewed for years.

We help define approved tools, data boundaries, access controls, retention and monitoring. Before Microsoft 365 Copilot or similar tools land, we review permissions, SharePoint structure and sensitivity controls first.

AI should improve professional work without moving client data into uncontrolled systems.

Matter, client and project access control

Firms have constant access movement: partners, fee earners, graduates, contractors, external counsel, outsourced bookkeepers and vendors. Access that made sense during a matter or engagement becomes a risk after the work changes.

We structure access across Microsoft 365, Teams, SharePoint, document platforms and practice systems — MFA, Conditional Access, role-based permissions, guest access, onboarding, offboarding and stale-account cleanup.

The access model should still make sense when someone leaves, changes role or finishes an engagement.

Microsoft 365, document systems and email security

Microsoft 365 is usually the operating layer — email, documents, Teams, SharePoint, OneDrive and external sharing — with practice platforms like LEAP, Actionstep, iManage, NetDocuments, FYI Docs, Xero, MYOB or NetSuite layered around it. Client work moves between platforms, not inside one system.

We make that connected environment supportable: structure, permissions, secure email, endpoint protection, identity, backup and vendor coordination.

The platforms should work together without leaving access, security and recovery as afterthoughts.

Backup, recovery and continuity for client work

Backup needs to cover what the firm actually depends on: Microsoft 365, email, document platforms, matter files, client records, finance data and practice systems. The practical question is not whether backups exist — it is whether the firm can recover the right data fast enough to keep client work moving.

We review coverage, restore evidence, recovery priority, Microsoft 365 backup, identity recovery, incident response and continuity planning.

Client work should not depend on an untested restore path.
Where this shows up

Where IT pressure shows up inside professional firms

These issues rarely arrive as neat technology projects. They show up through client work, document access, insurance renewals, compliance deadlines, vendor problems or people moving in and out of the firm.

Client, matter and project access

Access to client files, matters, working papers, data rooms and project workspaces needs to stay controlled as staff, advisers, contractors and external users change.

We make access easier to understand, manage and remove when the relationship, role or engagement changes.

Evidence for renewal, audit and client review

Cyber insurance, AML/CTF, APP 1, Essential Eight and client due-diligence conversations increasingly require evidence that controls are operating properly.

We make that evidence easier to find, explain and maintain.

Document-heavy workflows

Firms rely on email, Microsoft 365, document management, practice platforms, client portals and external collaboration.

Those systems need to work together without leaving access, retention, backup or recovery unclear.

Vendor and platform complexity

Firms rarely run on one system — Microsoft 365, LEAP, Actionstep, Xero, MYOB, QuickBooks, FYI Docs, iManage, NetDocuments and NetSuite often overlap.

We support the IT layer around those platforms and coordinate when issues cross systems.

Why Inlight IT

Practical IT support from a team that understands professional-firm operating environments

Professional firms need more than responsive helpdesk support. They need technical depth, secure-by-design systems, controlled access to client work, and evidence that the environment is being managed properly. Inlight IT brings an engineering-led, cyber-first model that connects day-to-day support with stronger operating control.

01

Practical experience with professional-firm workflows

We understand environments built around matters, clients, working papers, lodgements, data rooms, email, Teams, SharePoint and document systems. Support is shaped around the way firms actually work — not just the devices they use.

02

Engineering-led support, not ticket passing

Senior technical depth sits inside the support model, so recurring issues, access problems, Microsoft 365 configuration, vendor dependencies, backup gaps and security weaknesses get investigated properly rather than repeatedly worked around.

03

Cyber-first design across identity and access

MFA, Conditional Access, permissions, external sharing, guest access, email security, endpoint protection and offboarding are structured so client and matter access stays controlled as people change.

04

Essential Eight and cyber insurance evidence

Firms are increasingly asked to prove controls, not just claim them. We make security settings, backup coverage, recovery capability, MFA, patching and Microsoft 365 protections easier to explain to insurers, clients, partners and auditors.

05

Governed AI and secure productivity improvement

AI and automation help — but only when information access is understood first. We review where tools touch client data, documents, emails and workflows so productivity gains do not create unmanaged exposure.

06

Clear visibility for decision-makers

Owners, partners, practice managers and operations leaders get a clear view of the environment: where the risks sit, what needs improvement and which actions matter most. Practical visibility, not reporting overhead.

Services

Core services that support your firm

These services go deeper into the capabilities that support legal, accounting and advisory firms.

The whole firm environment, run as one discipline.

Support for users, devices, Microsoft 365, vendors, backups, security and daily IT operations — shaped around matters, client files and deadlines.

LEAP · Xero · iManage · FYI Docs environments supported
Explore Managed IT →

Client-data controls that can be evidenced.

Identity, endpoint protection, Microsoft 365 security, privileged access, email security, backup, recovery and insurance evidence.

Essential Eight alignment · cyber insurance evidence
Explore Cybersecurity →

Secure access for a firm that works everywhere.

Remote users, firewall policy, internet failover, VPN replacement and distributed office connectivity — without loosening client-data control.

Fortinet and Cisco Meraki capability
Explore Secure Networking & SD-WAN →

The platforms that hold client and matter data.

Microsoft 365, Azure, backup architecture, hybrid file systems, document platforms and practice-system infrastructure.

Azure · Microsoft 365 · hybrid document environments
Explore Cloud & Infrastructure →

AI and automation, adopted safely and put to real work.

Workflow automation across client intake, approvals, evidence capture, document handling, AML/CTF processes, reporting and governed AI.

Copilot readiness · Power Platform · governed AI
Explore AI & Automation →

Senior technical input before decisions lock in.

Advice ahead of platform, AI, automation, practice-system, cybersecurity, infrastructure or vendor commitments.

Platform selection · practice-system moves · vendor strategy
Explore IT Consulting →
Common questions

Questions professional firms ask us

On AML/CTF intake, practice and document platforms, cyber insurance evidence, governed AI, privacy readiness and where our work meets the platform vendors.

What changed at client intake on 1 July 2026?
Since 1 July 2026, AML/CTF Tranche 2 obligations apply to certain services provided by lawyers, accountants and tangible-property advisers. For affected firms, the impact sits directly in client intake: customer due diligence, PEP and sanctions screening, approvals, transaction monitoring, suspicious activity reporting and seven-year record retention. We help with the IT and workflow layer around those obligations — intake pathways, evidence capture, Microsoft 365 structure, access, retention, automation, reporting and vendor coordination.
Can you help law firms with LEAP, Actionstep, iManage or NetDocuments?
Yes, around the IT environment those systems depend on: identity, device access, Microsoft 365, email, permissions, secure sharing, backup, recovery, vendor coordination and support pathways. Configuration inside the legal application or document platform may remain with the relevant vendor, but we support the surrounding technology layer and coordinate where issues cross into IT.
Can you help accounting practices using Xero, MYOB, QuickBooks or FYI Docs?
Yes. We support the IT layer around those platforms: Microsoft 365, identity, access, endpoint security, client document exchange, backup, recovery, workflow automation and vendor coordination. Where the issue sits inside the accounting application itself, we work with the relevant vendor or practice-system owner.
How do you support cyber insurance evidence?
We keep operational evidence current rather than assembled at the last minute: MFA coverage, Conditional Access, privileged access review, endpoint protection, patching position, email security, backup and restore evidence, incident response documentation and Microsoft 365 security configuration. Firms answer renewal questionnaires from evidence, not memory.
Can you help with governed AI for client work?
Yes. We help firms define approved AI tools, data boundaries, access controls, retention settings, user permissions, monitoring and internal usage rules. Where Microsoft 365 Copilot or similar tools are introduced, we review the underlying Microsoft 365 permissions and information structure first. AI should not expose client data because old permissions were never cleaned up.
Can you help with APP 1 disclosure readiness?
Yes, on the technology evidence side. We help firms understand and document the systems, permissions, data locations, retention settings, external sharing, AI tool access and auditability that support privacy disclosure and operational evidence. Legal wording should sit with the firm or its privacy adviser — our role is to make the technology position clear, controlled and supportable.
Can you help when a fee earner, adviser or contractor leaves?
Yes. We help with onboarding, offboarding, role-based permissions, mailbox access, document access, Teams and SharePoint permissions, guest access, Conditional Access, MFA, device access and stale-account cleanup. Matter, client and project access remains controlled after people change role, leave the firm or finish an engagement.
Do you replace practice-system vendors?
No. We do not replace LEAP, Actionstep, Xero, MYOB, QuickBooks, NetSuite, iManage, NetDocuments, FYI Docs or other platform vendors. We support the IT systems around those platforms and coordinate with vendors where needed. The platform itself remains with the relevant application vendor and internal practice owner.
Work with Inlight IT

Make client work more secure, supportable and easier to evidence

Managed IT, cybersecurity, secure access, backup, automation and governed AI — shaped around how your firm works.

Contact us