Securing Business: Strategic Enablement of Users


Published on

Sending big files is not as easy as it sounds and it definitely is appropriate to use email or ftp. Communicate securely and enable users to do business through a strategy, not technology.

Published in: Technology, Business
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Overtime things get implemented as one offs --- these one off solutions create a “hairball” of processes and data exchange across systems, data centers and geographies. Not good.
  • Stonebranch simplifies this
  • Just re-iterate tha with the security, monitoring and support for ad-hoc Stonebranch can be a single platform for securing the enterprise and the “people”.
  • Securing Business: Strategic Enablement of Users

    1. 1. Business & IT: From Infrastructure to People
    2. 2. Business and IT Realities <ul><li>Always on communications </li></ul><ul><li>Confidential communications </li></ul><ul><li>Global Infrastructures </li></ul><ul><li>Duplicate systems </li></ul><ul><li>Complexity is growing </li></ul><ul><li>Compliance is critical </li></ul>
    3. 3. Green IT Security & Compliance Business Process Business Continuity Risk Management ITIL Cost Management Process Maturity Capacity Planning Service Delivery Contingency Planning Supply-Chain Management Disaster Recovery Data Management Enterprise to Enterprise Collaboration Business Value IT Pain Management Performance Value for IT Revenue Enhancement Strategic Value Strategic Advantage Revenue Growth Profit Growth Cost Reduction Business Agility Server Consolidation Virtualization IT Automation Workload Optimization Data Management Risk Management Capacity Planning SOX HIPAA Basel II Healthcare Information Exchange Fax Business Service Management EDI provisioning X.509
    4. 4. Communications Landscape: The Reality Latency Content/Context Batch Real-Time Bulk Transactional Documents Messages <ul><li>>80% of data movement today is by file exchange </li></ul><ul><li>80% of the data movement remains unmanaged </li></ul><ul><li>The primary method of multi-enterprise integration will continue to be file exchange </li></ul><ul><li>Only about one-seventh of all healthcare transactions are processed electronically today. </li></ul>Meta Group / Gartner
    5. 5. The Impact: Communications Chaos Limited Visibility | Enforcement Issues | Operational Risk email ftp sms files messages fax B2B
    6. 6. 1: MFT Ain’t Just for Technologist <ul><li>MFT requirements don't just come from the data center. They also come from users who need to send files in an ad hoc fashion to support collaboration and compliance . </li></ul>
    7. 7. Where’s your data? FTP alone is not a viable option to give you the insight, security and performance and, ultimately, the risk mitigation necessary to responsibly conduct business . iPhone's problems concerns a new SMS vulnerability that could allow an attacker to remotely install and run unsigned software code with root access to the iPhone. Because e-mail connects through many routers and mail servers on its way to the recipient, it is inherently vulnerable to both physical and virtual eavesdropping . Current industry standards do not place emphasis on security ; information is transferred in plain text , and mail servers regularly conduct unprotected backups of e-mail that passes through.
    8. 8. 2. Modernization isn’t Only a Platform Decision <ul><li>IT modernization initiatives and the underlying scheduling and communication foundations should also be modernized. </li></ul>
    9. 9. Modernization is about Extending Value
    10. 10. The modernizing automating communication improves… <ul><li>Customers service </li></ul><ul><li>Project document reviews </li></ul><ul><li>Contracts and agreements </li></ul><ul><li>Personal Healthcare Info </li></ul><ul><li>Strategic planning </li></ul><ul><li>Product Design timelines </li></ul><ul><li>Governmental filings </li></ul><ul><li>Insurance claims </li></ul>Operations Processes <ul><li>Integration </li></ul><ul><li>Visibility </li></ul><ul><li>Compliance </li></ul><ul><li>Reporting </li></ul><ul><li>Workflows </li></ul><ul><li>Service Levels </li></ul><ul><li>Costs </li></ul><ul><li>Revenue </li></ul>
    11. 11. 3. IT is the bottleneck! <ul><li>The speed of business requires business focused solutions which require less IT assistance for provisioning and ongoing demand management </li></ul>
    12. 12. One size does not fit all Business processes and people have different requirements and capabilities
    13. 13. Users Think Out of the IT Box For Communications and File Exchange
    14. 14. Users have Options that don’t require IT or Budget authorization!
    15. 16. It won’t happen to me…. The University of Miami announced that a case of six computer backup tapes containing the personal health information of some 2.1 million patients was stolen from a vehicle on 17 March. The data included information on hospital patients dating back to 1 January 1999. 2.1M patient records stolen NY Presbyterian Hospital employee stole patient information as part of an identity theft ring. The patient admissions rep accessed the personal health information of nearly 50,000 patients. He began to access the files and sell the information in early 2006. Hospital employee sells 50K patient records Health insurer WellPoint confirmed that the Social Security numbers, pharmacy and prescription records, and other personal health information for approximately 130,000 of its customers were left unsecured on the public Internet. Insurer leaves 130K records unsecured
    16. 17. 4. Compliance drives Value <ul><li>IT and business compliance are rapidly merging. The impact of audits and operations require effective governance & security for file transfer </li></ul>
    17. 18. Changing Processes It’s about continued compliance and improved agility, not technology
    18. 19. Changing Healthcare Compliance <ul><li>Security Rules Apply Directly to Business Associates </li></ul><ul><li>Stricter PHI Management Requirements </li></ul><ul><li>Electronic Healthcare records </li></ul><ul><li>Required HSS Audits </li></ul>
    19. 20. TARP
    20. 21. 5. Process is as Process Does <ul><li>Centralized secure file transfer disciplines and technologies to manage end-to-end business processes is required on-premises, for software as a service, outsourcing or in the cloud. </li></ul>
    21. 22. Where’s your file? Multiple Platforms & Tools = Complexity
    22. 23. Connections are EVERYWHERE! Infrastructure, Files and People
    23. 24.
    24. 25. Unified Communications: Processes, Payloads & People
    25. 26. A Single Platform for Platforms Payload and People <ul><ul><li>Processes </li></ul></ul><ul><ul><li>Data Centers </li></ul></ul><ul><ul><li>Application </li></ul></ul><ul><ul><li>Integration </li></ul></ul><ul><ul><li>Expert Systems </li></ul></ul><ul><ul><li>People </li></ul></ul><ul><ul><li>Messaging </li></ul></ul><ul><ul><li>Ad-hoc Exchange </li></ul></ul><ul><ul><li>Flexible Deployment </li></ul></ul><ul><ul><li>Payload </li></ul></ul><ul><ul><li>Security </li></ul></ul><ul><ul><li>Encryption </li></ul></ul><ul><ul><li>Data exchange </li></ul></ul><ul><ul><li>Expert Data Management </li></ul></ul>INDESCA INFITRAN Scribbos
    26. 27. So what are you going to do?
    27. 28.
    28. 29.
    29. 30. One size does not fit all Different capabilities, scale and value
    30. 31. Benefits of Strategic MFT Approach <ul><li>Secure Communications </li></ul><ul><ul><li>Customers, Outsourced Services, Partners </li></ul></ul><ul><li>Improved Service Levels </li></ul><ul><ul><li>Automated workflows </li></ul></ul><ul><li>Improved compliance </li></ul><ul><ul><li>Corporate (Internal controls/audits, security, sustainability) </li></ul></ul><ul><ul><li>Governmental (SOX, Basel II, HIPAA…) </li></ul></ul><ul><li>Security Enforcement </li></ul><ul><ul><li>Process level governance </li></ul></ul><ul><ul><li>Content and session encryption </li></ul></ul><ul><li>Improved visibility and control </li></ul><ul><ul><li>Process status </li></ul></ul><ul><ul><li>Exceptions </li></ul></ul><ul><ul><li>Transactions and Trends </li></ul></ul>
    31. 32. Benefits of a Centralized Solution <ul><li>Legacy </li></ul><ul><li>Emerging </li></ul>Single Operational Environment <ul><li>Policy Definition </li></ul><ul><li>Run-time Enforcement </li></ul>Single Governance Environment <ul><li>Single Repository </li></ul><ul><li>Rules based notifications </li></ul>Better Audit Capability <ul><li>User access </li></ul><ul><li>Encryption </li></ul>Better Corporate Security
    32. 33. Questions? Please use the chat features of the webinar