Let’s get your team trained and using Microsoft Copilot and moving your business forward. Click here to book +61 3 4803 4915Client PortalRemote Support
Belton IT Nexus
NZ AU
Contact us
01 Run

We become your IT department and own the day-to-day.

Managed IT Your whole environment, owned Managed Devices Endpoints, patched & tracked Microsoft 365 The workplace, managed Cloud & Azure Networks, Wi-Fi, voice
02 Protect

Security operations you can verify, and show.

24-Hour CyberSOC Security ops that don't clock off Compliance Reviews Aligned to Essential 8 & ISO Backup & Recovery Provably restorable Identity & Email MFA enforced, threats stopped
03 Improve

Honest strategy and predictable budgets.

IT Advisory & vCIO Honest, predictable plans AI & Copilot Where it genuinely helps Compliance & Governance Audit-ready evidence Projects & Consulting Build what you can't buy
Belton · Run / Protect / ImproveView all services ›
Professional Services

Firms that run on trust, time and confidential data.

Accounting Ledgers & client data Legal Privilege & matter files Business Advisory Plans & reporting Mortgage & Finance Loan files & AML/CFT Insurance Claims & client records Insurance Brokers Cover & premiums
Built & Made

Site, studio and floor, where uptime is the product.

Construction Sites & project files Architecture Drawings & large models Quantity Surveyors Cost data & big files Manufacturing Floor & ERP uptime Healthcare Patient data & privacy
Trade & Technology

Fast-moving operations that can't carry downtime.

Logistics Fleet, orders & tracking Retail & Wholesale POS & storefronts Technology Cloud-native teams Distribution Inventory & systems
Belton · Sector-specialised IT & securityAll industries ›
Guides & Frameworks

Plain-English playbooks for the controls that matter.

Essential Eight ASD's eight, explained DIY Cybersecurity Lock down the basics Cyber Standards Guide ISO, SMB1001 & more M365 Selection Guide Pick the right licences
Tools & Assessments

Self-serve checks that map where you stand.

Security Assessment Score your posture Network Assessment Find the weak spots M365 Security Checklist Find the gaps Cyber Insurance Readiness Be claim-ready
Reading & Learning

Get more from the tools you already pay for.

SME Tech Outlook 2026 Where NZ tech heads next Copilot Learning Hands-on with Copilot FAQ Straight answers CEO's Blog Plain-English views
Belton · Knowledge, not gatekeepingResource library ›
The Firm

A senior team with the skills and scale for any project.

About Belton Who we are, plainly How We Work Our delivery process Who We Work With The fit we look for Leadership Jason & Amy Agnew + team
Proof & Partners

The evidence behind the claims, and ways to build with us.

Case Studies Real outcomes, named Accreditations The proof behind the practice Industries Sector-specialised White-label / Partners Our bench, your brand
Connect

Real people, fast, no ticket-queue runaround.

Contact Us Talk to a human, today Book a Session A 90-minute discovery Find Us Newmarket, Auckland Remote Support Get help now
Belton IT Nexus · Est. 2004 · Newmarket, AucklandAbout us ›
Home/ Industries/ Legal

Managed IT for Australian law firms, built around your obligations.

Privacy Act 2020 and Law Society compliance. Security that respects privilege. Tooling that fits how lawyers actually work.

Privilegeenforced in software AML/CFTaligned controls e-Discoveryready infrastructure NZLSpractice-audit ready
Legal IT
§01

Technology that upholds your ethical obligations

The brief

Law firms in New Zealand carry a regulatory load most other industries do not. Privileged communication, defensible retention, conflict checking, AML/CFT verification, OPC notification timelines, these are not best practices. They are obligations enforced by the Law Society, the Office of the Privacy Commissioner, and the Department of Internal Affairs.

Most managed IT providers can install Microsoft 365 and call it a day. We configure it for the way lawyers work: each matter partitioned, every access logged, sensitivity labels applied automatically, and the audit trail ready when an insurer or regulator asks.

The rules Australian law firms work under

Privacy Act 2020. Sets the baseline for how personal information is collected, stored, used, and disclosed. The Office of the Privacy Commissioner expects breach notification within 72 hours of confirming a notifiable privacy breach. For law firms, almost everything you handle is in scope, so the controls need to be both strong and verifiable.

Lawyers and Conveyancers Act 2006 and its Conduct and Client Care Rules 2008. Govern client confidentiality, conflict checking, file retention, and the trust-account discipline expected of every NZ practice. The Law Society audits against these.

AML/CFT Act 2009. Applies to most conveyancing and trust-account work. Requires identity verification, transaction monitoring, suspicious activity reporting, and an annual report to the DIA. Your IT setup needs to support evidence retention long enough to satisfy regulator inspection.

Privilege boundaries enforced in software, not just process.
Platforms
§02

The tools Australian law firms use, and what we do with each

Platform-agnostic

We are platform-agnostic but practical. The platforms we deploy and manage for NZ firms include the ones most partners and practice managers will already recognise. We are not selling you any of these. We make sure the ones you have chosen work properly together, with the security, backup, and audit evidence your regulators expect.

Practice management
LEAP, Smokeball, ActionStep
LEAP Legal Software, Smokeball, ActionStep, FilePro, plus legacy Lexis Affinity and Convolex environments.
Document management
NetDocuments & iManage
NetDocuments, iManage Work, M-Files, and SharePoint with legal templates and role-based permissions.
e-Discovery & AML/CFT
Purview & First AML
Microsoft Purview eDiscovery, Relativity, and Logikcull, plus First AML, Initialism, and Entra Verified ID.
Understanding your challenges
§03

The IT challenges law firms face

Challenge & answer
Common challenges
What gets in the way
Client matter confidentiality and privilege protection. Targeted cyber attacks seeking sensitive information. Document retention and defensible destruction. Secure communication with clients and counsel. E-discovery requirements and litigation support.
How Belton helps
What we put in place
Zero-trust security architecture protecting all access. Advanced threat protection against targeted attacks. Document management with automated retention policies. Encrypted communication and secure client portals. E-discovery ready infrastructure with audit trails.
How we support law firms
§04

Relevant services

Built for legal practice
Protect
Security Assessment
A clear read on your posture, with conditional access, sensitivity labelling, and a complete audit trail for inspection.
Explore ›
Protect
Email Security
Defender for Office 365 tuned for legal use, with encrypted gateways for sensitive correspondence and counsel.
Explore ›
Protect
Backup & Recovery
Encrypted backups with an offline copy and defensible retention and destruction backed by audit evidence.
Explore ›
Productivity
Cloud Migration
Moves to LEAP or ActionStep from older on-premise systems, with data migration and parallel-running during cutover.
Explore ›
Strategy
e-Discovery Support
Purview eDiscovery, defensible deletion, hold management, and chain-of-custody export for matters of any size.
Explore ›
Foundation
Managed IT
Monitoring, support, security, Microsoft 365, endpoint protection, backup, and quarterly reviews under one fixed-monthly price.
Explore ›
By the numbers
§05

What partners can budget for

On the record
$0+
Per user / month,
fully scoped managed IT
0hr
OPC breach
notification window
0d
Typical cloud
migration end-to-end
E8
Essential Eight
aligned controls
Common questions
§06

Legal IT FAQ for NZ firms

Before you switch

Law firms in New Zealand must comply with the Privacy Act 2020, the Lawyers and Conveyancers Act 2006, and the Lawyers and Conveyancers Act (Lawyers: Conduct and Client Care) Rules 2008. These cover client confidentiality, document retention, secure communication, and conflict checking. The AML/CFT Act 2009 also applies to most conveyancing and trust account work, requiring identity verification, transaction monitoring, and reporting to the DIA.

Privileged communication needs end-to-end encryption, granular access control, and a complete audit trail. We typically deploy Microsoft 365 with conditional access, sensitivity labelling via Microsoft Purview, encrypted client portals for matter exchange, and document management systems with role-based permissions. Each matter is partitioned, all access is logged, and the audit trail is available for inspection if regulators or insurers require it.

We deploy and support the major legal DMS platforms used by NZ firms: NetDocuments, iManage Work, LEAP Legal Software, Smokeball, ActionStep, FilePro, and SharePoint with legal templates. The right choice depends on firm size, practice areas, and whether you are cloud-only or hybrid. We can run a needs-assessment and migration if you are considering a change.

We configure e-discovery readiness using Microsoft Purview eDiscovery (Standard or Premium) for matters held in Microsoft 365, plus dedicated platforms like Relativity or Logikcull for larger matters. Critical capabilities include defensible deletion, hold management, search across mailboxes and document stores, and chain-of-custody export. We can also integrate with external discovery providers where required.

Yes. The most common NZ migrations are to LEAP or ActionStep (cloud-native), or moving from older on-premise systems like Lexis Affinity, Convolex, or HotDocs onto a modern cloud platform. We handle data migration, user training, integration with Microsoft 365, and parallel-running during the cutover. Most firms see a 30-90 day end-to-end project.

NZ legal cyber insurers (Vero, AIG, Chubb, Berkshire Hathaway) typically require multi-factor authentication on all accounts, endpoint detection and response, 24/7 monitoring, a written incident response plan, encrypted backups with an offline copy, and regular vulnerability scanning. Premiums increasingly drop materially when these controls are in place. We assess insurer requirements before renewal and maintain evidence of controls so the renewal application is straightforward.

Most Australian law firms spend between $100 and $200 per user per month on managed IT, covering monitoring, support, security, Microsoft 365 licences, endpoint protection, backup, and quarterly reviews. Document management licences are usually separate and depend on platform. Specialist eDiscovery or AML/CFT tooling sits on top. We provide fully scoped fixed-monthly pricing so partners can budget without surprise bills.

An honest word on investment

The best version of this page is a choice.

Outcomes follow investment

Everything described here is real and achievable, for businesses that choose to align to the best standard and invest in it. With full investment, we can promise outcomes. With half the investment, we can promise half the outcomes. Neither is wrong. Invest at the level that fits your business, a little or a lot, and we'll align the solution honestly to that level. Four things usually set the dial:

01
Uptime
How much downtime can the business actually carry? Minutes, hours or days changes the architecture, and the investment.
02
Recovery
When something fails, how fast must you be back, and how much data can you afford to lose? Faster and less both cost more.
03
Alignment
How closely do you align to standards like the Essential Eight and ISO 27001? Each maturity level is a step up in evidence, and effort.
04
Sovereignty
Where must your data live? Onshore, sovereign hosting is there when it's required, priced plainly.

We'll tell you plainly what each level buys, and what it doesn't. That conversation is the first thing the 90-minute session settles.

Ready to see where
your firm stands?

Thirty minutes with one of our senior engineers is the fastest way to get a clear read on your current setup, where the regulatory exposure is, and what would change first.

Book the session Security assessment
NEW ZEALAND OWNED & OPERATED EST. 2004
Sovereign by design

New Zealand owned and operated.

Sovereign data centres across New Zealand and Australia, with your data kept onshore wherever it's required. Our team understands New Zealand, and our leaders have built, scaled and secured businesses right across the New Zealand landscape.

Sovereign data centres · New Zealand & Australia
  • Auckland
  • Christchurch
  • Sydney
  • Melbourne
  • Brisbane
  • Perth
International data-centre operations
  • Singapore
  • Germany
  • Netherlands
  • USA

Servers available in minutes, not days.

Explore data centres & hosting →
Accredited partners
Microsoft Solutions Partner Fortinet Partner Lenovo Partner HP Partner Apple Business Manager