How a Modern Law Firm Is Safely Scaling GenAI with MagicMirror

Newmeyer Dillion

A mid-size, multi-service law firm in Southern California uses MagicMirror to protect client data, guide policy, and make smarter decisions about GenAI investment.
Enable attorneys and staff to use GenAI tools like ChatGPT and Copilot safely, without risking client confidentiality or violating privacy regulations
I.T. Manager (IT + Security)
  • Tools: ChatGPT, Copilot, Gemini
  • Data: PII, legal terms, contract language, client names
  • GenAI visibility by role (attorneys, paralegals, admins)
  • Prompt-level data protection and policy enforcement
  • Support for document drafting, research, and analytics
  • Analytics to inform tool ROI and guide investment decisions

Embracing AI Without Losing Control

For law firms, adopting AI isn’t just about speeding up work—it’s about doing it responsibly.
The firm, which is a full-service law firm with over 100 employees, was ready to explore the productivity benefits of GenAI. Attorneys and staff had begun using tools like ChatGPT and Copilot to assist with drafting, summarization, and legal research. However, the firm’s leadership had only formally approved Microsoft Copilot for GenAI use. With no visibility into how other tools were being accessed—or whether sensitive client data was at risk—they needed a way to understand real usage before taking further steps.

They needed answers to critical questions:

  • Who was using GenAI, and how?
  • Were tools like ChatGPT being accessed through unregulated personal accounts?
  • Was any protected data—PII, contracts, case names—being copied into AI prompts?
  • How could they enforce policy without disrupting work or losing attorney trust?
  • Who was using tools that hadn’t been formally approved?

One key finding: despite Copilot being the approved tool, ChatGPT was far more widely adopted by attorneys. This insight directly influenced internal strategy, helping the firm reallocate investment dollars toward the tools their teams were actually using.

The Team & Tools in Play

The firm has over 100 employees, including attorneys, paralegals, and administrative staff.

  • At the time of deployment, eight attorneys and associates were regularly using GenAI tools, along with four administrative users. The firm currently has 35 users actively using GenAI now that the security and protections of MagicMirror have been proven.
  • The firm utilizes Microsoft 365, with Chrome and Edge as the standard browsers across all devices.
  • Their environment includes iManage for document management, integrated Westlaw AI tools, and a mix of Teams and Webex for communication.
  • Attorneys were already exploring ChatGPT for summarizing documents and communications as well as Copilot for Word, Excel, and data prep—but some were using personal ChatGPT accounts, raising clear compliance concerns.

Observability in Action: Answering the Right Questions

MagicMirror helped the firm finally answer the questions they couldn’t get from firewalls or browser logs:

  • “Are we using AI the way we thought we would?”
  • “Is this helping us learn how to improve our systems and workflows?”
  • “What exactly are people doing inside these GenAI tools?”
  • “Which prompts contain sensitive data—and who entered them?”

In one analytics snapshot, MagicMirror flagged 40 AI prompts in a 30-day period, 4 of which contained sensitive data, such as client names or legal contract terms. MagicMirror also anonymized this data locally, so it never left the user’s device. That level of granularity allowed Bill and the IT team to engage directly with those users, understand the context, and reinforce policies in a constructive and educational way.

“We had written our AI policy and outlined best practices, but we needed to have confidence that they were being followed,”

— Bill Coapman, I.T. Manager

Visibility + Protection, All On-Device

To bridge the gap between enablement and control, they deployed MagicMirror as a lightweight browser extension, rolled out via GPO to ensure easy deployment across the firm.

With MagicMirror, the team could:

  • See what tools were being used (ChatGPT, Copilot, Gemini)
  • Track prompt activity and understand whether tools were being used for drafting, research, or data transformation
  • Protect PII, PCI, and client-specific terms in real-time—before they left the device
  • Segment enforcement by role (attorney, paralegal, admin) to reflect internal policy groups
  • See which users were signed in with logins that allow training on their data, since ChatGPT is an opt-out tool and users don’t realize they are turning over their data

And because MagicMirror processes everything on-device, there was no risk of data being routed through third-party cloud services—an essential requirement for legal and regulatory compliance.

“I don’t want to just block tools—we need to know how they’re being used so we can help our attorneys work smarter,”

— Bill Coapman, I.T. Manager

Policy-Driven Enablement, Not Blockage

Thanks to MagicMirror, they were able to:
  • Deploy quickly and easily across their Microsoft 365 environment
  • Protect sensitive client data without blocking GenAI entirely
  • Align tool usage with their AI policy, giving partners, attorneys, and staff clear guidelines with built-in safeguards
  • Compare usage patterns and measure ROI on tools like ChatGPT vs. Copilot
  • Support ongoing AI governance with analytics, usage logs, and customizable alerts
  • Improve clarity on AI tool ROI, helping leadership adjust budget strategy

“MagicMirror doesn’t feel like a hammer—it’s a toolbox. It provides us with visibility, protection, and the ability to shape AI usage based on real-world data. We’re not guessing anymore.”

As GenAI becomes more integrated into legal workflows, the firm is using MagicMirror to evolve their AI governance in lockstep. Their next goals include:

  • Enhancing internal training around prompt quality and data privacy
  • Surfacing more usage patterns to inform firm-wide tool investment
  • Expanding protection policies tied to legal classification models

GenAI isn’t just a tech initiative—it’s a strategic shift. And visibility and protection are what make that shift safe.