Top 7 Tips for Better Business Continuity

Similar documents
Understanding and Selecting the Right Secure File Transfer Solution for your Organization

SecureSend File Transfer Portal Usage Guide

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

Top 10 Questions to Ask when Choosing a Secure File Transfer Solution

Ensuring the security of your mobile business intelligence

Security Overview Enterprise-Class Secure Mobile File Sharing

eztechdirect Backup Service Features

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Egnyte Cloud File Server. White Paper

FileCloud Security FAQ

Secure Frequently Asked Questions

Frequently Asked Questions. Frequently Asked Questions SSLPost Page 1 of 31 support@sslpost.com

Online Transaction Processing in SQL Server 2008

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

TECHNOLOGY OVERVIEW INTRONIS CLOUD BACKUP & RECOVERY

Ensuring Enterprise Data Security with Secure Mobile File Sharing.

Security Considerations

redcoal SMS for MS Outlook and Lotus Notes

Axway SecureTransport Ad-hoc File Transfer Service

Comprehensive Agentless Cloud Backup and Recovery Software for the Enterprise

Microsoft SQL Server 2008 R2 Enterprise Edition and Microsoft SharePoint Server 2010

How To Protect Your Data From Harm

SERENA SOFTWARE Authors: Bill Weingarz, Pete Dohner, Kartik Raghavan, Amitav Chakravartty

Daymark DPS Enterprise - Agentless Cloud Backup and Recovery Software

Dropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description

Symantec Enterprise Vault.cloud Overview

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

Netwrix Auditor. Administrator's Guide. Version: /30/2015

Comprehensive Agentless Cloud Backup and Recovery Software for the Enterprise

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

CA Performance Center

Data Storage That Looks at Business the Way You Do. Up. cloud

How Our Cloud Backup Solution Protects Your Network

Online Backup Solution Features

Copyright 2013, 3CX Ltd.

MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE

Secure any data, anywhere. The Vera security architecture

Policy Based Encryption E. Administrator Guide

Policy Based Encryption E. Administrator Guide

Copyright

HTTP connections can use transport-layer security (SSL or its successor, TLS) to provide data integrity

Symantec Enterprise Vault.cloud Overview

Exhibit B5b South Dakota. Vendor Questions COTS Software Set

Manual POLICY PATROL SECURE FILE TRANSFER

How To Use Egnyte

Media Shuttle. Secure, Subscription-based File Sharing Software for Any Size Enterprise or Workgroup. Powerfully Simple File Movement

How To Backup Your Hard Drive With Pros 4 Technology Online Backup

Hosted SharePoint. OneDrive for Business. OneDrive for Business with Hosted SharePoint. Secure UK Cloud Document Management from Your Office Anywhere

The SparkWeave Private Cloud & Secure Collaboration Suite. Core Features

MIGRATIONWIZ SECURITY OVERVIEW

MassTransit vs. FTP Comparison

BMC s Security Strategy for ITSM in the SaaS Environment

Ensuring the security of your mobile business intelligence

Business Case for Voltage Secur Mobile Edition

Bridging People and Process. Bridging People and Process. Bridging People and Process. Bridging People and Process

Encryption Made Simple

Security Solutions

How To Get The Most Out Of Your From Your Mail Server (For A Small Business)

The governance IT needs Easy user adoption Trusted Managed File Transfer solutions

Evolved Backup Features Computer Box 220 5th Ave South Clinton, IA

Mobile Device Management Version 8. Last updated:

WHITE PAPER NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW

POLICY PATROL MFT. Manual

BANKING SECURITY and COMPLIANCE

Storgrid EFS Access all of your business information securely from any device

An Enterprise Approach to Mobile File Access and Sharing

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

White Paper. Prepared by: Neil Shah Director, Product Management March, 2014 Version: 1. Copyright 2014, ezdi, LLC.

SVA Backup Plus Features

FilesAnywhere Feature List

Solving the Online File-Sharing Problem Replacing Rogue Tools with the Right Tools

Introduction. Ease-of-Use

Implementation Guide. Version 10

Securing the Service Desk in the Cloud

OutDisk 4.0 FTP FTP for Users using Microsoft Windows and/or Microsoft Outlook. 5/1/ Encryptomatic LLC

WHITE PAPER. Managed File Transfer: When Data Loss Prevention Is Not Enough Moving Beyond Stopping Leaks and Protecting

Owner of the content within this article is Written by Marc Grote

Server Installation ZENworks Mobile Management 2.7.x August 2013

Encryption Made Simple

Policy Based Encryption Z. Administrator Guide

Guidelines on use of encryption to protect person identifiable and sensitive information

Server Consolidation with SQL Server 2008

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

Citrix ShareFile Enterprise: a technical overview citrix.com

Gladinet Cloud Backup V3.0 User Guide

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX

Workflow Templates Library

The increasing popularity of mobile devices is rapidly changing how and where we

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE

BlackBerry Enterprise Service 10. Version: Configuration Guide

RSS Cloud Solution COMMON QUESTIONS

Advanced Service Design

Access All Your Files on All Your Devices

05.0 Application Development

Kopano product strategy & roadmap

Okta/Dropbox Active Directory Integration Guide

Transcription:

Top 7 Tips for Better Business Continuity With Hosted Fax www.biscom.com sales@biscom.com (+1) 800-477-2472 or (+1) 978-250-1800

Introduction Biscom s Secure File Transfer (Biscom SFT) solution enables people to share confidential or large files and folders securely with just a few clicks. Sharing files is as convenient as opening any Web browser, dragging and dropping files onto the page, and sending them out like an email. Except unlike email, SFT guarantees delivery, provides a delivery receipt, and logs the entire process for auditing purposes. You ll no longer wonder if someone received your files you will know who received the files and when. With support for cross-platform Web interfaces, mobile devices, and Microsoft Outlook, SFT can be incorporated seamlessly into your workflow and processes. Biscom SFT replaces the age-old problem of clumsy and unsecure FTP servers, as well as the issues around sending large or confidential email attachments. Because of the increased regulations and tighter policies around sharing certain types of personal or private information, enterprises are requiring new strategies around delivering that information. However, the technology must be accessible to anyone from the pure novice to the power user especially when files are shared with external users. Federal, state, and local regulations as well as compliance requirements are behind much of this movement, but best-of-breed companies are also recognizing that beefing up their security policies is good for them as well it provides additional comfort for their clients, customers, and partners as the number of data breaches continues to increase. While FTP and email are the predominant forms of file sharing, today s forward thinking organizations are integrating solutions that keep everything securely encrypted, handle the largest files, and are easier to use. Today s corporations are sharing a wide variety of files financial spreadsheets, contracts, legal documents, medical records, corporate intelligence, credit card information, social security numbers, and intellectual property and FTP and email are simply not ade- Secure File Transfer 2

quate for exchanging confidential and sensitive information. We will look at the architecture used to protect this information, and show how effortless it is to extend your network to support today s new requirements. Issues with Email, FTP, and Mobile Devices Email is probably what most people will use by default to send or forward electronic files it s easy to fill in an address and attach files, and practically everyone knows how to use it. But email has extremely poor security, usually comes with size limitations, and lacks reliable feedback on whether the file attachments actually made it to your recipients. Additionally, from an administrator s standpoint, large attachments also slow down the mail server, take up valuable storage space that needs to be backed up, and of course, without any security, sensitive files can be easily compromised or end up in the wrong hands. FTP is similarly susceptible to hacking passwords are passed in clear text, it doesn t employ encryption over the wire, and FTP is not always the easiest to use, especially by those with a less technical bent. Although FTP is prevalent throughout organizations, administrators must manage the servers and spend time assisting users to upload and download files. Often FTP servers become dumping grounds for files administrators can t tell which ones should stay and which can be deleted. For companies that have strict requirements around data privacy, FTP is a very poor method of transferring files, not just because of its security lapses, but also because of the lack of visibility into the precise transactions that show who and when users uploaded and downloaded files. This makes the job of compliance officers very challenging. Biscom FTP Email DVD / USB Secure/data YES NO NO NO encrypted at rest Auditable YES NO NO NO Reports YES NO NO NO Easy administration YES NO NO NO Notification YES NO YES NO Easy to use YES NO YES YES More recently, the growth in the number of mobile device has had Large files YES YES NO YES an impact on SFT requirements. As more people invest in smart Self service YES NO YES YES phones, tablets, and other connected devices, IT groups are facing a new demand to support these devices. The bring your own device (BYOD) movement is gaining momentum, and when the principals, partners, or the management team of a business is demanding support for their devices, it s up to IT to provide it. And it also falls on IT to somehow ensure that all security policies and regulations apply to mobile devices. Together, these requirements and changes to information access are reasons companies are rethinking their information-sharing and file-transfer processes. How Secure File Transfer Works A secure file transfer can be initiated via any one of several methods: a Web client, Microsoft Outlook, and mobile devices. Using the Web application, a sender signs in and initiates a secure delivery. Like a Web email client, the Web interface supports a form with fields where senders enter the recipients email addresses, a subject, and any file attachments. Senders can also include a secure message that is only available to recipients who have been authenticated. 3

This secure message is unique to Biscom s SFT solution and can be used to send credit card information, passwords, social security numbers, medical information, and other data that normally should not be sent without protection. The optional delivery parameters make secure deliveries with Biscom SFT even more powerful and flexible. Senders can define delivery options for notification, expiration, collaboration, and a second-level password. Once the delivery options are finalized, the files are uploaded to the SFT server and encrypted. An email notification is delivered to each recipient and contains the notification message and a unique URL that is specific to the recipient and which cannot be forwarded to another person. When a recipient clicks on the embedded link, he or she is redirected to a Web sign-in page for authentication. Once signed in successfully, the recipient can view the secure message, download any files, and reply to the sender and attach his or her own files through the secure connection. Integration with Outlook The Microsoft Outlook add-in is a transparent extension for Outlook clients. A sender simply composes a standard Outlook message and attaches files. Administrators of the Biscom SFT system can define custom server policies for Biscom SFT Outlook Add-in triggering a secure delivery from Outlook. If any server policies are matched, or if the sender chooses to expressly use SFT from Outlook, the message and attachments are re-routed through SFT, the attachments are off-loaded, and the email body is stored as a secure message. SFT will automatically generate a notification message to the recipients. The Outlook add-in runs solely in the Outlook client, with no impact on the mail server, since it communicates with Biscom SFT through a separate Web services API to verify user credentials, query server policies, and transfer files. The add-in also supports attachments of any size, even sizes greater than the Exchange file size limits. Mobile device users can access SFT through most mobile Web browsers or through an app specifically designed for mobile platforms. SFT for Apple ipad is an app that enables users to access to deliveries they have received, as well as send secure deliveries to others. In addition, the app provides access to the SFT secure workspace where users can collaborate and share files with other users. Files stored on the ipad are encrypted while at rest, and all server communication occurs over an encrypted connection. Secure Collaboration While file transfers often suit the needs of many users, there are times when a more dynamic and active collaboration among users is more useful and more efficient. For example, collaborating on a project, a group of users can easily share files with each other, start a discussion or create a comment, and manage the level of access based on the participant. Ad hoc groups can be created, and group members can granularly control notifications for new files that have been uploaded, or other related activity. These workspaces also support predetermined expirations and deletions from the system. Open Architecture, Flexible Platform, and Web Services API Biscom SFT is a pure Java application and is capable of running on both Windows and Linux operating systems. A three-tier architecture natively supports deployment of each tier to separate physical or virtual machines. The 4

presentation tier handles the Web server, which uses SSL/TLS security for communication between the client s browser and the Biscom SFT server. There is no user data stored at this tier it merely acts as gateway for Web clients, as well as any Web services API calls. The application tier comprises the business logic that determines what people see based on their roles, security policies, and the actual file transfer processes. This tier also does not actually contain any user data. The third and final tier stores and controls data files, messages, security policies, system transactions, audit logs, and user management and authentication information. This is often deployed to a more highly protected area within the network which has restrictions on access by other computers and additional firewall rules. The tiers can be clustered at each level, providing high availability and increased performance. Biscom SFT uses XML extensively in the platform not just in the Web services API, but also for data importing, communication between the various components of the product, and as a control mechanism in the SMTP interface. Because of the platform flexibility and common standards used in the SFT architecture, SFT is easily integrated with other applications and can be deployed in a variety of ways that best suit the network security standards already in place. Application, Network, and Data Security Biscom SFT uses a layered security model that manages and controls access to all components in the network, application, and data tiers. Application security and governance User authentication using an internal database or LDAP/Active Directory User roles and permissions Session timeout Automatic delivery expiration User expiration Quotas File type restrictions Recipient inclusions and exclusions (set globally and at user level) Password strength requirements and expiration Biscom SFT Architecture Penetration testing: SQL injection, cross-site scripting, and buffer overflow/overrun attacks 5

Client access to back-end and data tier through API only where security logic is enforced Network security Back-end file encryption (protection for data at rest ) using AES 256- bit encryption Encryption of files in transit using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) Three-tier separation of presentation, application, and data layers Data security Key management utilities for administrators with multiple encryption key support Automatic file deletion/purging schedule Anti-virus integration Obfuscated file system keeps file names and owners hidden Passwords are encrypted, no passwords are stored in clear text Files are stored using a FIPS 140-2 certified AES 256-bit encryption algorithm, the encryption algorithm ratified as a standard by the National Institute of Standards and Technology (NIST). AES was picked by NIST for its speed, as well as for its support of large key sizes to reduce vulnerability from brute force attacks. Administrators can configure SFT encryption settings, and multiple keys can be managed from the encryption tool s interface. Encrypting files in the file repository helps maintain internal and external security and prevents data breaches from inside and outside the company. Encryption is handled transparently by Biscom SFT, so users do not have to manage the complexities of private and public keys, or manually encrypt and decrypt files, when sending and receiving deliveries. Deployment The three-tier architecture provides flexible deployment of components that can better map to a company s existing security infrastructure. The platform neutrality of Biscom SFT enables the server to be deployed in multiple operating environments and in multiple configurations, utilizing existing components. For example, companies may already own and have support for a Web server, database, directory service, and SAN or NAS storage server. SFT easily scales from the departmental level to corporate-wide use without IT having to worry about hardware upgrades or storage limitations by simply updating a license key. Since many companies already have considerable investments in networked storage solutions, Biscom is agnostic to the underlying vendor or technology, and works with any UNC, NAS, or SAN storage system. Biscom SFT also supports migration from different storage locations, with only a simple configuration change necessary to point to a different location if usage exceeds the current data storage capabilities. Moving to a larger system is quick and easy with no software upgrades required. This flexibility enables a company to retain its backup and data retention policies without having to worry about a new storage pool to add, manage, and back up. Virtualization Biscom SFT runs on physical hardware as well as virtual platforms equally well. Virtualization is becoming increasingly 6

popular with companies for its convenience in deployment, the elimination of hardware servers, reduction in costs associated with running hardware, and the commitment to greener technologies. But virtualization also has additional benefits with respect to SFT. One configuration that we recommend is running the application server as a virtual machine, and taking a snapshot of a virtual SFT server provides a simple backup server in case the primary server fails. A snapshot will have all the configuration options and application policies of the primary server, and administrators can restore service in a matter of minutes. Some virtualization vendors provide hot backups and robust failover capabilities, such as VMware VMotion, that can minimize downtime due to hardware failures. Additionally, multiple virtual machines can be clustered and used in a failover and load balanced configuration to increase performance as well as provide a redundant architecture for increased uptime. Multiple Instances Since Biscom SFT has the capability to run multiple logically separated instances on a single server, it can provide custom instances for specific departments or groups within an organization. Each instance can have its own copy of the database, its own data repository, and configuration options that apply solely to that instance. Moreover, the number of instances that can run on a single server is limited only by the CPU and memory of the underlying hardware platform as well as the level of usage of the system as a whole. Administrator Utilities The Future of Secure File Transfer Biscom SFT is deployed in many industries, including healthcare, financial services, legal, construction, manufacturing, technology, retail, and federal, state, and local government. It s clear that SFT is an important application across multiple industries and sectors, with several that have needs based on legal, regulatory, or contractual requirements. The message we hear from our customers and prospective customers is clear and consistent: sending files securely, or sending large files, needs to be extremely easy for their users, or adoption of the solution will be challenging. We also find that no two customers are alike in their needs. Flexibility in configuring the application is absolutely critical whether it s customizing text, logos, colors, and fonts, or modifying the behavior of the application and setting policies for data retention, file restrictions, delivery parameters, and registration. Biscom SFT works well as a standalone application used in a single department or enterprise- wide. Existing and legacy applications can be tied to SFT to integrate secure delivery features and leverage prior investments. The broad and granular programming interfaces enable customers to build new applications from the ground up to solve complex and unique problems. Ultimately, Biscom SFT has the capacity to be an integral part of an organization s mission critical infrastructure and to be a service that can be used by multiple departments with diverse requirements and applications. 7

Biscom White Paper The Leader in Secure Enterprise Document Delivery SFT Web user Interface About Biscom Biscom, headquartered in Chelmsford, Massachusetts, pioneered the development of the first enterprise fax server. Since 1986, Biscom has provided the most scalable and reliable secure document delivery and file sharing solutions to the world s largest enterprises. Copyright 2013 Biscom, Inc. All rights reserved. No part of publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photo copy, recording or any other information storage and retrieval system, without prior permission in writing from Biscom, Inc. The information in this publication is subject to change without notice. www.biscom.com For sales please contact: sales@biscom.com (+1) 800-477-2472 or (+1) 978-250-1800

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information