Digital Documentation Government Online Digital Signature Module Marketing Materials Prepared by: SHARESQUARED, INC. John Honeycutt 800-445-1279 x900 John@ShareSquared.com Page 1 of 7 Printed on recycled paper
GO2 Digital Signature Marketing Materials 1 Revision History Revision Description Date Updated By 1.0 Initial Draft 6/15/2014 Ted Iverson 1.1 Updated for Concord 9/15/2014 Jeff Gunn Page 2 of 7 Printed on recycled paper
GO2 Digital Signature Marketing Materials 2 CoSign by ARX Digital Signature Solution Overview 2.1 Introduction The CoSign digital signature solution from ARX makes it easy to digitally sign electronic documents and records. It makes use of standards-based Public Key Infrastructure (PKI) technology in a commercial off the shelf (COTS) solution. CoSign allows anyone to easily verify the signatures for signer identity, signer intent, and content integrity. CoSign offers numerous distinctive advantages over competing solutions, including a self-hosted solution that ensures complete control over the signer management process and privacy of the signed documents; a plug n play turnkey solution that is installed remotely and in less than half a day; secure and centralized management of the signing credentials and keys; and signing capability for Office and Adobe documents, as well as any printable output generated by any application being used by the University. In addition, the signature and certificate details are embedded directly into the signed document, eliminating reliance on a PKI vendor for validation. And because the CoSign integration is with specific application vendors such as Microsoft and Adobe, it works with any document management, content management, or workflow system of choice. 2.2 CoSign Features Central storage of signing keys Keys are generated and stored in a secure tamper-evident appliance, eliminating the need for hardware tokens such as smartcards, USB tokens, etc. The keys are kept encrypted and never leave the appliance. All signing operations are performed within the appliance. Built-in Certification Authority (CA) CoSign s built-in CA independently issues, revokes, and renews all signing certificates for CoSign users. This makes it unnecessary to maintain or work with an external CA, but CoSign also supports third party certificates. Choice of organization s user directory or built-in user directory CoSign leverages existing directory user management systems, such as Microsoft Active Directory, for managing internal signers. With the seamless integration, CoSign continually tracks changes in the user directory and automatically enrolls new users, updates user details, and revokes certificates for users deleted from the directory. For external signers or mixed environments, the CoSign appliance comes with a built-in user directory and signers can be added manually or programmatically using CoSign Signature API (SAPI) SDK. Third Party application support CoSign works with all standard file formats and third party software applications, such as Microsoft Word, Excel, Outlook, InfoPath, and Adobe PDF. In addition, a unique built-in feature provides easy signing of any printable, resulting in a digitally signed PDF. Page 3 of 7 Printed on recycled paper
GO2 Digital Signature Marketing Materials Web-signing module For external signers (students, customers, vendors) the preferred approach is to make the documents available on the client website, let the parties log-in, review the document, and sign across the web. This maintains control of the documents and eliminates chasing the document and signature. For web-portals based on SharePoint, CoSign provides a pre-built module that is ready to deploy. For non-sharepoint portals, CoSign provides Signature APIs that can be used to accomplish the same thing. Graphical signatures In addition to the standard digital signature, CoSign can integrate into each signature a graphical signature image, centrally stored within the appliance. Signing rationale In addition to the graphical signature, the signer can include a user-defined optional or mandatory reason for signing. Time Stamp: CoSign's digital signatures can be time-stamped according to IETF (RFC 3161). Authentication methods CoSign supports various authentication methods, including username and password, Single Sign-On based on Active Directory Kerberos tickets, One Time Password (OTP) tokens, biometric tokens, smartcards, and more. Signature API (SAPI) - CoSign's API enables web-signing capability and easy integration of digital signature support for new applications, document management systems, homegrown systems, etc. SAPI supports various interfaces (COM object, Web services,.net assembly, Java, and more). 2.3 CoSign Architecture The CoSign solution is composed of two (and optionally, three) key components: 1) A hardware appliance connected to the network, 2) Client software, and/or 3) Optional web-signing agent. The appliance stores the private keys, certificate and graphical signatures of all users. The appliance also performs the sensitive signing operation using the signer's private key, which never leaves the appliance. These signing operations are PKI-based and comply with all the relevant signing standards. The client software provides the connection with the signing applications. It triggers the user authentication, and enables applications to sign documents using the certificate and keys stored within the appliance, and to embed a graphical signature within the signed document. The client software includes a user component for managing the user's graphical signatures and options, as well as an administrative component enabling an administrator to manage the appliance. When using web services, CoSign client components are installed on a central server (such as a web server, SharePoint server, etc.). Using their browser, signers provide the server with their signing credentials whenever a signature is required. The optional CoSign web-signing capability is provided via our Signature API, and is delivered either pre-configured as an addon for SharePoint and other ECM applications, or as programmable APIs that can be dropped into your own web-portal or application. Page 4 of 7 Printed on recycled paper
GO2 Digital Signature Marketing Materials CoSign Architectural Overview 2.4 About ARX ARX (Algorithmic Research) is a global provider of cost-efficient digital signature solutions for industries such as life sciences, healthcare, government, and engineering. For over 20 years, ARX has specialized in security and standard digital signature application. ARX helps businesses secure, streamline, and scale their business processes and transactions with the proper controls required by legislation, regulation, and industry best practice. CoSign equipping professionals with secure, complaint digital signatures that may be used to sign any of the most popular file types, including PDF, PDF/A, InfoPath, IBM Forms, and Office documents. By eliminating the reversion to paper each time a signature is required, CoSign allows organizations to complete their investment in business automation while achieving streamlined operations, reduced organizational costs, and enhanced collaboration. Page 5 of 7 Printed on recycled paper
GO2 Digital Signature Marketing Materials 2.5 Sample Government Customers: CUSTOMER U.S. Department of Energy U.S. Dept. of Veterans Affairs U.S. District DOT U.S. Federal Courts U.S. Parole Commission U.S. Attorney General s Office U.S. Commodity Futures Trading Commission U.S. Department of Homeland Security/CBP U.S. Department of Energy INDUSTRY DoE Albuquerque FBI Federal Bureau of Prisons General Dynamics HRSA Los Alamos National Laboratory NASA Deep Underground Science and Engineering Lab VHA Veterans Health Administration BCSC British Columbia Securities Commission City of Lauderhill, FL City of Longview, WA City Of Newark, NJ City of San Francisco Airport Authority City of San Francisco Housing Authority City Of Vernon, BC County of Berks, PA County of Cabarrus, NC County of Clallam, WA County of Clayton, GA County of Clinton, IA County of Contra Costa, CA County of Durham, NC County of Franklin, OH County of Harris, TX County of Hawaii County of Iredell, NC County of Johnson, KS County of Kane, Ill District Clerk s Office County of Oakland, MI County of Olmsted, MN County of Polk, IA County of Snohomish, WA County of Stanly, NC County of Suffolk, NY INDUSTRY STATE WY CA DC DC MD DC DC DC TN DC DC FL MA MD NM FL SD DC BC FL WA NJ CA CA BC PA NC WA GA IA CA NC OH TX HI NC KS IL MI MN IA WA NC NY Page 6 of 7 Printed on recycled paper
GO2 Digital Signature Marketing Materials Fort Wayne Allen County Airport Authority Louisiana Community and Tech. College System Metro Atlanta Rapid Transit Authority Metropolitan Water District of So. California Norfolk VA Circuit Court Port of Los Angeles, CA St. Johns River Water Management District State of Florida State Board of Administration State of MN Judicial System State of Oregon Dept. of Transportation State of So. Carolina Dept. of Transportation State of Texas Department of Public Safety State of Virginia Supreme Court State of Washington Lottery Tarrant Regional Water District IN LA GA CA VA CA FL FL MN OR SC TX VA WA TX Page 7 of 7 Printed on recycled paper
The Digital Signature Company The Only Digital Signature Solution that is Fully Integrated with SharePoint Millions of signers at businesses, governments and cloud services around the world are already enjoying the seamless, intuitive, and user-friendly digital signing experience that the CoSign digital signature solution provides. They have transformed their paper-intensive processes to paperless ones, gaining significantly reduced paper-related costs and highly improved efficiency, while ensuring trust, integrity, control and security throughout their business environment. CoSign, as the only digital signature solution that is seamlessly integrated with SharePoint, keeps signature-dependent processes electronic from start to finish by enabling documents to be securely signed from directly within the SharePoint user interface. CoSign can also be integrated with the related workflow systems that are used to automate, manage, route and track these documents throughout the signing process. CoSign and the CoSign Connector for SharePoint By using CoSign together with the CoSign Connector for SharePoint you can easily preview, sign, verify, approve, accept and audit all the documents, list items and records stored on your SharePoint servers. Just as important, all this can be achieved without changing existing workflows, operational processes, security procedures or governance policies. Signing an Excel spreadsheet from SharePoint. The signing ceremony shows a preview of the spreadsheet. PDF and Word documents are also previewed before signing. CoSign digital signatures can be verified by third-party software, including the free PDF Reader. The CoSign Connector for SharePoint also enables signature verification from within the SharePoint user interface. ARX 855 Folsom St. Suite 939, San Francisco, CA 94107 Tel. (415) 839-8161 www.arx.com sales@arx.com
Easily add digital signatures to your SharePoint items, including PDF, Microsoft Word, Excel and InfoPath documents, via any computer, web browser, tablet or mobile device. Integrate with third-party SharePoint workflow solutions such as K2 and Nintex Workflow, or use SharePoint Designer to add digital signatures to workflows. Easily verify document integrity, signer identity and intent, using widely available applications such as Microsoft Word, Excel and many PDF readers. Create legally enforceable digital signatures that are compliant with even the strictest industry-specific regulations and countryspecific legislation. Guarantee document security and privacy by ensuring that your sensitive data remains within your IT network and is never sent to third party servers. SharePoint Server Workflow Support CoSign enables you to add digital signatures to all major SharePoint workflow tools* with features designed to keep your team productive: The CoSign Signature Task enables a workflow to request a signature from a signer. The signer can choose to sign or reject the signature request. If the request is rejected, a rejection reason can be provided. As appropriate, the workflow can base routing decisions on the rejection reason. When signing, a document preview window displays the PDF, Word or Excel document. The Signature Verification action enables a workflow to determine if a document has been signed. The Auto-sign action enables a workflow, if authorized, to sign a document on behalf of a signer. K2 workflows can manage CoSign users. For example, a workflow can automatically add signers who are external to an organization, enable them to sign, and then remove them from the CoSign system. CoSign custom actions K2 Workflow Object Browser showing available CoSign methods for signing and user management. The CoSign Connector for Nintex provides custom actions for adding digital signatures to Nintex workflows.
CoSign Connector for Office 365 The CoSign Connector for Office 365 provides a seamless process for signing Office 365 Word, Excel, and PDF documents from the SharePoint Online user interface. Documents can be signed using CoSign Cloud or your own on-premises CoSign Central appliance. CoSign workflow actions The CoSign Connector for SharePoint provides custom actions for adding digital signatures to workflows using SharePoint Designer or Visual Studio. Workflow Tool SharePoint Designer Requires CoSign and the CoSign Connector for SharePoint Nintex Workflow Requires CoSign and the CoSign Connectors for SharePoint and Nintex Workflow Features CoSign signature tasks with document preview WYSIWYG** positioning and sizing of signature fields Auto-sign actions Signature verification actions Uses the SharePoint Workflow engine Visual Studio Requires CoSign and the CoSign Connector for SharePoint K2 Requires CoSign and the CoSign Connector for K2 CoSign signature tasks Signature verification actions Signature field creation from text anchors CoSign User Management: Create, Delete, Enable, Disable and List users Integrated with K2 SmartForms Auto-sign is available from K2 Professional Services Uses the K2 Workflow engine * Different workflow tools offer specific features and benefits. Please consult the tools product manuals for more information. ** WYSIWYG (What You See is What You Get) enables the user to visually position and size the signature field on the screen by using their mouse or touchscreen.
SharePoint Server Auto-sign Auto-sign enables a user to authorize a workflow to sign on his behalf. Use cases for auto-sign include: 1. As part of a workflow, a person approves a document or the data used by the workflow to generate a customized document. As a direct side-effect of the approval, the workflow autosigns the document on behalf of the approver. Auto-sign enables faster and easier processes it enables signers to skip signature steps if they are not needed. 2. Auto-sign can be used by a workflow to automatically sign documents on behalf of the company or organization in an automated/batch scenario. For example, a workflow can create invoices and automatically sign each one before it is emailed. 3. Auto-sign can be used by a workflow to seal documents as they enter a business process. If the document is changed by mistake or on purpose later in the business process, the change will be detected and the signature will become invalid. 30-Day Trial The CoSign Connector for SharePoint Trial provides a private SharePoint site with the CoSign Connector installed. An on-premises trial of the connector is also available. For more information or to request a trial, please visit www.arx.com/sharepoint or email sales@arx.com. Case Study: San Francisco Housing Authority Industry: Government Integrations: SharePoint, Nintex, K2 Challenge: A paper-heavy environment issuing no less than 7,000 POs each year, requiring printing, signing and scanning. Goals A Digital Signature solution Integrate with SharePoint, Nintex and K2 workflows Sync with Microsoft Active Directory Comply with the city and county initiative to go green Solution to be on-premises and not in the cloud Solution CoSign Central on-premises 7000 POs signed digitally every year Digitally sign many file types including Word and PDF Seamless integration with SharePoint, K2 and Nintex 150 signers and growing As a government agency, we have to be very careful about expenditures, but the savings that CoSign brought us easily justified the expense. The CoSign product is extremely flexible and reliable, enabling us to move forward with the latest technologies. David Rosario, IT Director at SFHA ARX 855 Folsom St. Suite 939, San Francisco, CA 94107 Tel. (415) 839-8161 www.arx.com sales@arx.com
The Digital Signature Company ARX 855 Folsom St. Suite 939, San Francisco, CA 94107 Tel. (415) 839-8161 www.arx.com sales@arx.com
CoSign: The Most Widely Used Digital Signature Solution Organizations around the world have invested in business automation solutions to streamline their workflows, improve their efficiency and cut costs. These developments have established digital business processes which try to ensure that documents, forms, and reports remain paper-free throughout their entire lifecycles. Organizations greatly benefit from these automated processes up to the point where paper must be reintroduced just in order to collect wet ink signatures. This significantly reduces the value of automation by bringing business to a halt, generating unnecessary paper-based expenditures, and limiting organizational efficiency. CoSign Offers a Complete Digital Signature Solution CoSign has helped enterprises, SMBs and government organizations around the world rapidly transform their signature-dependent processes from paper-intensive to paper-free. Our millions of users are proof of how easy it is to quickly achieve ROI by significantly reducing process times and cutting paper-related costs. By making it simple to digitally sign documents, contracts, forms and records, CoSign eliminates the need for slow and expensive paper-based signing processes, while creating legally enforceable signatures that provide the integrity and trust required for audits, compliance with industry regulations, and good business practices. CoSign provides a fully featured digital signature solution which can be deployed either on-premises (CoSign Central) or hosted (CoSign Cloud). Both options can help you quickly establish fully digital signature-dependent processes by: Providing an easy way for you to sign all major file types directly within widely-used applications, such as Microsoft Word, Excel and SharePoint. Integrating seamlessly with your existing DM, ECM and workflow systems, including SharePoint, K2, Nintex, OpenText, Oracle, Alfresco and more. Allowing users to sign anywhere from any computer, tablet or mobile device. Enabling anyone to easily verify the signer s identity and intent, as well as the document s integrity, using any Microsoft Office application or PDF reader. Ensuring that you do not have to make any changes to your existing workflows, operational processes, security procedures, and governance policies. Guaranteeing security so that you can be sure your sensitive data remains within your IT domain and is never saved on third party servers. Creating legally enforceable signatures that are compliant with even the strictest industry-specific regulations and country-specific legislation. If you have any questions or would like further information, please visit us at www.arx.com or send us an email at sales@arx.com.
CoSign Ensures Control and Security Keeps your signed documents within your enterprise IT domain, never saving them on any external thirdparty servers. Adapts to your existing processes, governance policies and SOPs, instead of forcing you to adopt rigid workflows. Integrates with the user directories and enrollment methods that meet your user management and authentication requirements. CoSign Allows Compliance Complies with strict industry and governmental regulations including ESIGN, UETA, EU directives and VAT law, FDA 21 CFR Part 11, USDA, SOX, and many more. Supplies easily verifiable proof of signer identity, signer intent and document integrity. Offers signatures that can be validated by anyone at any time using widely available applications such as Microsoft Office or any PDF reader. CoSign Delivers Low TCO & Rapid ROI Puts you on the path to a rapid ROI by significantly reducing paper-related costs, decreasing document turnaround times, and improving efficiency. Installs quickly and easily with minimal operational impact, followed up by less than 10 hours of IT maintenance work per year. Offers multiple pricing options, including volume pricing and flexible payment plans based on your user capacity and/or signature requirement needs. CoSign Provides Freedom of Choice Works with the content authoring applications and file types you are already using, including Word, Excel, Outlook, PDF, PDF/A, InfoPath, TIFF, AutoCAD and many more. Integrates directly into your existing document management and workflow automation systems, including SharePoint, OpenText, Oracle, Alfresco, Nintex, K2 and more. Allows your users to sign wherever and whenever they need, whether at the office on their PC, at home on their tablet, or in the field using a mobile device. Synchronization with the user directory A user edits a document and clicks the Sign button Shhh... A document hash is calculated and securely sent to CoSign over SSL A digital signature is securely sent back to the application The digital signature is embedded in the document, according to the standard, creating a digitally and graphically signed document Graphical Signatures Built-in CA Digital Signing Keys
Technical Specifications Applications and File Types Microsoft Word, Excel, PowerPoint and Outlook Microsoft SharePoint and InfoPath AutoCAD, Bentley MicroStation PDF, TIFF, XML, and many more Document/Workflow Management Systems Microsoft SharePoint, K2 and Nintex OpenText, Oracle, Alfresco and Laserfiche Siemens Teamcenter, SAP, Adobe LiveCycle NextDocs and other industry-specific apps Signature Features Standard digital signatures (PKI Inside) Easily verifiable non-proprietary signatures Proof of identity, intent and integrity Multiple signers per document Multiple graphical signatures per user Graphical signature image management Sectional and interdependent signatures Customizable signature block Unattended and batch signing Audit trail and secured time stamps Invisible signatures Certification Authority (CA) CoSign Internal (controlled-trust) CA Automatic web-trusted CA Subordinate CA or External CA Authentication Methods User Name/ Password Single Sign On One-Time Password (OTP) Tokens (Smart Cards, USB-based security tokens) Biometric RADIUS or OATH-based authentication LexisNexis InstantID SAML 2.0 Supported APIs CoSign Signature API (SAPI ) Web Services Ready (RESTful API, OASIS DSS, Adobe Roaming ID ASSP, and SPML) Microsoft CAPI and CAPI-NG PKCS#11 JCA/JCE User Directories Microsoft Active Directory LDAP-based Directories Active Directory Federation Services (ADFS) Directory Independent Installation Security Standards NIST FIPS 140-2 level 3 validated appliance FIPS 186 and ETSI TS 101 733 CoSign Central is currently undergoing Common Criteria EAL 4+ evaluation for SSCD (Secure Signature Creation Device) certification Additional Features High availability and load balancing Can be powered by two power sources Supports unlimited number of signers High performance signing Physical Dimensions (CoSign Central) 1U Rack-Mountable - 18.9 x 22.0 x 1.8 / 47.9cm x 55.9cm x 4.5cm (28 lbs / 12.7 kg) 4U Rack-Mountable (FIPS 140-2 level 3) - 19.0 x 17.5 x 7.0 / 48.3cm x 44.5cm x 17.8cm (30 lbs / 13.6 kg) January 2014 ARX, Inc. and/or Algorithmic Research Ltd. CoSign and SAPI are registered trademarks of Algorithmic Research, Ltd. All rights reserved worldwide. All other brands and product names are registered trademarks or trademarks of their respective owners. ARX 855 Folsom St. Suite 939, San Francisco, CA 94107 Tel. (415) 839-8161 www.arx.com sales@arx.com
The Digital Signature Company CoSign: The Strongest Digital Signature Solution * for the Government Market We re using CoSign to sign any type of correspondence issued by our office, including legal pleadings, letters, and memos. When employees needed to take vacation or sick leave, they used to walk into my office every 30 minutes with paper documents for a wet signature approval, which could sometimes take a two-day turnaround time. With CoSign, it takes two seconds. Martha Rodillas, County of Hawaii As State and Local Government organizations adopt paperless processes and automate their document workflows, the wet ink signature is looking anachronistic in a digital world. Governments have invested heavily in automating their business processes, yet find themselves still printing paper for the purpose of obtaining signature approvals. Governments, who can no longer accept the cost and delays associated with these paper flows and ink signatures, are now adopting highly secure and user-friendly Digital Signatures. CoSign has helped government organizations around the world easily transform Document integrity confirmed their signature-dependent processes from paper-intensive to paper-free, helping them rapidly achieve ROI by reducing process times, increasing efficiency and cutting paper-related costs. CoSign enables governments to easily add digital signature capabilities to their processes with the highest levels of security: Integrate highly secure digital signatures directly into their workflows Digitally sign all their transactions, documents and forms using any computer, tablet or mobile device while saving them only inside their IT domain Produce legally compliant records that guarantee signer identity and intent, date and time, and document integrity Signatures are easily validated by anyone using widely available apps such as MS Office and PDF readers Meet the broadest diversity of regulatory and compliance standards set by government agencies, including NIST FIPS 140-2 level 3; ESIGN, UETA, SEAL, GPEA and UCC in the US; and UECA and PIPEDA in Canada *CoSign named Strongest Digital Signature Solution in The Forrester Wave: E-Signatures, Q2 2013 report ARX 855 Folsom St. Suite 939, San Francisco, CA 94107 Tel. (415) 839-8161 www.arx.com sales@arx.com
The Digital Signature Company CoSign Benefits Freedom of Choice CoSign allows you to sign using any computer, tablet or mobile device, with the content authoring application or file format you are currently using, while integrated into your DM, ECM or workflow system. Control and Security CoSign adapts to your processes, workflows and user management needs, so that you don t have to change anything about the way you work, while keeping your documents solely within your IT domain. Legal Compliance CoSign meets strict international standards, governmental legislation & industry regulations, while supplying proof of signer identity and document integrity for guaranteed transparency, auditability and accountability. Low TCO & Quick ROI CoSign provides a rapid ROI by significantly reducing your costs and improving efficiency, and a low TCO with a quick installation process, minimal operational impact, negligible ongoing maintenance and easy scalability. Digital Signatures Across Departments Finance: Requisitions, Invoices Procurement: Purchase Orders Point of Service: Applications and permits Transportation, Public Works, Engineering: Drawings, Change Orders Legal: Contracts, Pleadings, Letters, Memos Court Systems: Reports, Judicial Decisions, Complaints Health Departments: Medical Records, Patient Consents Signature Verification & Integrity = Trust Signature embedded in document Trusted by: Human Resources: Employment Agreements, Benefit Changes, Reviews, Time Sheets, Expense Reports Employees Partners Suppliers Clients Regulators Case Study: San Francisco Housing Authority Industry: Government Integrations: SharePoint, Nintex, K2 Case Study: Johnson County, KS Industry: Government Applications: Internally developed Challenge: A paper-heavy environment issuing no less than 7,000 POs each year, requiring printing, signing and scanning. Goals A Digital Signature solution Integrate with SharePoint, Nintex and K2 workflows Sync with Microsoft Active Directory Comply with the city and county initiative to go green Solution to be on premises and not in the cloud Solution CoSign Central on premises 7000 POs signed digitally every year Digitally sign many file types including Word and PDF Seamless integration with SharePoint, K2 and Nintex 150 signers and growing As a government agency, we have to be very careful about expenditures, but the savings that CoSign brought us easily justified the expense. The CoSign product is extremely flexible and reliable, enabling us to move forward with the latest technologies. David Rosario, IT Director at SFHA Challenge: With budget cuts, service and back-office processes and workflows had become too expensive and inefficient. Goals Cut costs and streamline business workflows Collect digital signatures from residents, online and offline Implement employee signatures in business processes Centralized infrastructure syncing Microsoft Active Directory Comply with HIPAA and PCI regulations Solution CoSign Central on premises Ease-of-use and security with CoSign Usage from Finance to Emergency Management Web signing as an added benefit 20 departments signing digitally with CoSign We had a long list of stipulations for a solution that needed to meet the highest standards. We discovered that CoSign was the only solution that met all our requirements, including an easy-to-use toolkit that enables customers to add digital signatures to their website and custom applications. Mary Weitzel, Technology Architect, Johnson County, Kansas ARX 855 Folsom St. Suite 939, San Francisco, CA 94107 Tel. (415) 839-8161 www.arx.com sales@arx.com