Biscom Delivery Server

The Trusted Solution for Enterprise Secure File Transfer

BISCOM DELIVERY SERVER

Biscom, Inc. document delivery since 1986

BDS division launched in 2003 as “intelligent”

file transfer solution

Corporate Data is More Vulnerable Than Ever

“Record number of data breaches reported in 2007”InformationWeek December 2007

“Database with over 8,700 stolen FTP credentials found”

Computerworld February 2008

“Records reveal: Data leaks rampant”Boston Business Journal February 2008

“Credit card data breach could affect 650,000”Associated Press January 2008

Increasing Personal Data Privacy Regulations

• Existing federal regulations

• International data privacy regulations

• Current and planned state regulations

– Example: planned Massachusetts data privacy

regulation

“Mandate all „personal information‟ belonging to

Massachusetts residents be encrypted whenever it is

stored on portable devices, transmitted wirelessly or

shared on public networks”

Challenge: Internal Employees

• Reason for data leaks

• Protection against data leaks– “How well protected do you feel your company is against each of the following types of data leaks?”

Feb 2008

Ad hoc File Transfer – The Opportunity

According to Gartner*• “The majority of file transfers are ad hoc, meaning that

the file transfer was meant to occur only one time and generally not triggered by an event or automated process.”

• “The most popular means of ad hoc file transfer are customer-based file servers and e-mail.”

• “Offloading the e-mail attachments that comprise much of the ad hoc file transfer…is the fastest-growing market segment in the MFT market.”

*Gartner Report: Diving deeper into the MFT Suite Market.. . Sept 18, 2008

Issues with existing approaches for ad hoc file transfer

• Enterprise support for ad hoc and collaborative interactions

– Email attachments are not secure; file size & file type limitations

– FTP is not secure, lacks tracking, and can be hard to use

– Overnight Delivery Services are slow and expensive, packages

can be lost

– Internal Systems may not meet compliance requirements

• Tracking FTP, Email, and Overnight file transfer processes are

difficult to manage and not auditable

Biscom Delivery Server – A new Paradigm

in ad hoc file transfer

• Does not require change to sender behavior• Utilizes familiar e-mail messaging as transport

• Promotes compliance with corp. policy

• Easier to do business with customers/partners• Sender push vs. recipient pull technology

• Eliminates need for proactive recipient action

How it works – BDS web interface

Three steps to deliver files securely

1. Your senders collect documents and files, and create a package in BDS

Your company – Internal Senders External Recipient

Web

How it works – BDS web interface

Three steps to deliver files securely

1. Your senders collect documents and files, and create a package in BDS

2. Your sender addresses the package and a notification email goes out to your

recipients

Your company – Internal Senders

Web

External Recipient

How it works - BDS

Three steps to deliver files securely

1. Your senders collect documents and files, and create a package in BDS

2. Your sender addresses the package and a notification email goes out to your

recipients

3. Recipients click the embedded link, authenticate, and download their files

Your company – Internal Senders

Web

External Recipient

Choose recipients & upload files

• User can choose names and groups from address book (with auto-complete)

• Drag and drop multiple files to send to multiple recipients

• Can customize default messages and define receipt notification settings

• Optionally modify delivery options

User chooses

from global

address list

Enter secure

and

notification

messages

Upload files

Enter delivery

options

Using the Applet

Current

progress

Total

progress

Multiple files can be uploaded at once, with support for checkpoint restart

Receiving a delivery

Recipients receive an email notification containing an embedded link

Embedded

link

Users Sign In

Recipients sign in using their email address and password, or their LDAP/AD credentials

How it works: Outlook

Avoiding Large Email Attachments in Exchange

1. Enterprise has established size limits and policies for email attachments

2. Policies based on attachment size, file type, or keyword for secure send

3. Direct Outlook integration, no Exchange connectors or gateways required

4. Re-routing attachments is transparent/seamless to the end user

Outlook Add-in

• Uses existing compose message form

• Can view file upload status

BDS

Options

Drag and

drop files

Secure

message

Administrator Can Track & Audit Files Sent

Administrator Can Track & Audit Files Sent

Three-Tier Component Architecture

BDS Key Features

Security

• User authentication

• User roles and permissions

• Registration process

• SSL communications

• Back-end encryption for data-at-rest

• Inclusion/exclusion lists

• Delivery expiration

Management

• Active Directory for user management

• User, delivery reports

• System utilization reports

• Automatic file deletion/cleanup

Ease of use

• Outlook add-in

• Web interface

• Web applet, drag and drop

• Auto-complete

• Report filtering

• Customization

Integration

• Access to Exchange global address list

• SAN/NAS integration

• Windows, Linux, Solaris support

• Component architecture

• VM-compatible

• APIs

Customer Example – Rockland Trust

“BDS was an integral part of making the acquisition of Slade’s Ferry Bancorp successful. There won’t even be a question of how we’re going to get the files from another acquisition next time; BDS will be built into the project plan from the start.” –Dave Brown, CISSP, AVP, Information Risk/Security Architect

• Challenge

– Protecting customer’s personal and financial data: lending, compliance, HR, customer information departments

– Couldn’t send large files through email system

– Burned DVDs and sent via overnight delivery, but had security concerns of loss or theft

• Concerns

– Security, e.g. loss or theft of data on DVD

– Time sensitivity

– Manpower

• Why Rockland Trust chose BDS

– Speed and security

– Cost

– Ease of use

Customer Example – Wake County Schools

“BDS solved our problem immediately; it was simple for us to set up and for our users to use.” – Vass Johnson, Senior Director of Network Systems

• Challenge

– Compliance with FERPA – Family Educational Rights and Privacy Act

– Student information

– Employee background checks

• Concerns

– Email is not secure

– Users will not accept a complex solution

• Why Wake County chose BDS

– Security and compliance

– Ease of use

Customer Example – Mass General Hospital

“A certain level of improved operational efficiency through technology translates into greater cost effectiveness.” – Mark Haas, Manager Health Information Services, MGH

• Challenge

– 41,000 Release of Information (ROI) requests per year

– 12 full time medical abstractors

• Concerns

– Speed

– Efficiency

– Cost

• Solution

– New request received via email

– Record abstracted and uploaded to BDS

– Insurance contact sent the secure delivery

– Credit card payment processed

– Password to unlock delivery provided

Customer Example – John Wieland Homes

“With our previous large file transfer solution, it was awkward to set up accounts and manage permissions. With BDS we now simply add internal users to appropriate security groups and provide them with the web address. The result is a solution that is easier to manage, easier to use, and easier to secure.” –David Cochran, CIO

• Challenge

– Large files shared with internal employees, external clients, consultants, and contractors

– Email system has strict 10MB size limit

• Concerns

– Ease of use

– Help desk time

– Timeliness of file transfers

– Sensitive material could not be outsourced and hosted externally

• Why John Wieland Homes chose BDS

– Customization

– Self-service application, automatic user registration

– Active Directory integration

– Ease of use

Thank you

Thank you

www.BiscomDeliveryServer.com