Archive for the ‘Data Security’ Category

« Older Entries
Newer Entries »

Accellion in Action: Seattle Children’s Hospital

Tuesday, July 19th, 2011

A recent issue of Research Practitioner Magazine includes the article, “Collaboration Moves Research, Clinical Knowledge” and talks about the importance of medical researchers reaching out to potential collaborators, nearby and globally, as they work on ground-breaking medical research.

For more than 100 years, one such facility, Seattle Children’s Hospital, has provided inpatient, outpatient, diagnostic, surgical, rehabilitative, behavioral, emergency and outreach services to children from infancy through young adulthood.  Part of Seattle Children’s Hospital, Seattle Children’s Research Institute, has nine major centers, and is internationally recognized for its work in cancer, genetics, immunology, pathology, infectious disease, injury prevention and bioethics.

Accellion customer Wes Wright, Chief Technology Officer at Seattle Children’s, weighed in on how Seattle Children’s uses file transfer and collaboration technology from Accellion to facilitate their research.

Seattle Children’s Hospital in Washington struggled sending secure files through a difficult-to-use secure file transfer protocol server and using email encryption. Less than a year ago, however, the hospital and foundation switched to a Web-based program, one that offers encryption, user tracking, and transfer of large data files. The program is offered by Accellion, headquartered in Palo Alto, Calif.

The switch to the new file transfer system was spurred primarily by research needs, says Wes Wright, vice president and chief technology officer at Seattle Children’s. “We put the solution in to help us transfer data files for research, but it has since spread out among the whole organization.” After the purchase, the system took only took about three weeks to implement.

About 4,800 employees use the system now… the reason is the simplicity of the plug-in, Wright says. If a user wants to transfer a file, he opens Microsoft Outlook and chooses new mail. In the right-hand corner of the new mail is a plug-in that says “Accellion.” “You hit that button and it opens a file browse window. You browse to the file you want and attach it.”

…The system also tracks who has downloaded and looked at each file. “Whenever anyone accesses a particular file, we keep a log of it,” he says. Sometimes researchers send the file to themselves and download it on their home systems so they can work at home. “We know that user X sent it to himself and then downloaded it when he got home. We can keep track of that file and where it went.”

Such technology is “the wave of the future with HIPAA and high-tech regulations and rules,” Wright says. “The easier we can make it to securely share and collaborate among researchers, it’s going to be a research differentiator.”

We’re so proud Seattle Children’s Hospital staff and research team use Accellion to help move such important work forward.

Posted in Accellion, Collaboration, Data Security, Email Attachments, Healthcare, HIPAA, Mobile | No Comments »

Learning from Morgan Stanley’s Data Breach

Wednesday, July 13th, 2011

Morgan Stanley Admits to Loss of Unencrypted CDs” reads the latest data breach headline in SC Magazine. I can’t help but shake my head as this could have been easily avoided.  The lost information contained 34,000 client account and social security numbers, among other confidential data.  The CDs were delivered in tact to the New York State department of taxation and finance’s mail room and disappeared somewhere between there and the intended recipient’s hands.

IT departments worry about data security and do their best to put systems in place to prevent this kind of data breach.  So how does it happen?  Some of the biggest risks come from employees who work around an IT mandated solution.  In this case, it looks like there was a file too large for either Morgan Stanley’s, the recipient’s, or both systems’ email restrictions.  For the employee who opted to mail the unencrypted CD, the magnitude of the potential loss and risk involved may have never crossed their minds or took a backseat to Getting the Job Done.

You, as an IT professional, can easily save the day and provide a way for your users to share information and collaborate securely.

In addition to banning CDs, thumbdrives, free dropbox-type of applications, FTP or USB sticks, implementing secure file sharing technology such as Accellion’s helps enterprises securely share files in a way that can be seamless to employees and their intended recipients.  With Accellion, you can track and manage who has sent and downloaded what file, where, and via what device.

Since Accellion supports any file format and size, I suspect Morgan Stanley’s CDs were used to transfer files an Accellion user would’ve been able to send easily.  With Accellion, shared files are stored securely on a server, so issues with the recipients’ email storage limits are also bypassed.  And the file is encrypted in transit and at rest.

Some of the world’s leading financial services organizations use Accellion to protect their sensitive data including: AEW Capital Management, American Capital, Australian Unity, Bank of Scotland, Bank of Spain-Miami (Banco Santander), Cigna WorldWide Insurance Company, Covenant Bank, Deloitte & Touche CA, Georgia Bank and Trust, Farmers Insurance Group, Federal Credit Union, HeathMarkets, IMA Financial Group, Inc., KPMG, MIB Solutions, PFS Global Ltd., Princeton Financial Systems, United Community Bank, ViewPoint Bank and Xpress Holding to name a few.

Financial services firms need to protect their sensitive data in a way that’s easy-to-use for employees and easy-to-manage for IT staff.  Accellion solutions can help.

Posted in Accellion, Data Breach, Data Security, Email Attachments, Financial, FTP | 1 Comment »

How many of your employees are taking their iPad or iPhone on vacation?

Monday, June 13th, 2011

Leaving the office behind has always been a challenge for some, but the iPad is now making it even harder. As employees head to the beach, mountains, and island getaways how many husbands and wives are sneaking an iPad into their luggage?

In the past 12 months, with the introduction of the iPad, there has been a surge in the volume of users.  According to information released by Apple for their investor community, close to 25 million iPads have been sold to date.

Many of these iPads are being used for business, and employees are taking advantage of free and low cost cloud-based collaboration solutions to solve their file sharing needs, without adequate security, tracking, or visibility for the organization.

When your employees and their partners are using free, unmanaged cloud-based services to share and sync files, you know your organization is at risk for a data breach, intellectual property theft or non-compliance.  Well, actually, because they’re using these apps and you have no visibility into what they’re doing, maybe you don’t know how exposed your organization is to a data breach.  Consider this instead: how many people in your organization do you think are taking their iPads on vacation with them this summer, and how many plan to access business information on their iPad?  iPads are also attractive targets for thieves and can be accidentally left behind.

Accellion announced today that our native file sharing and collaboration application for the iPad and iPhone have been made available for download off of the App Store in iTunes just in time for school to be out and vacations to begin.  Designed to work with Accellion Secure Collaboration, the Accellion Mobile Apps for iPad and iPhone are now available for download for free from the App Store in iTunes.  Download the app, and know there’s one less thing to worry about before you go on vacation – of course getting caught doing work on vacation might still get you in trouble with your loved ones.  We can’t help you there.

Posted in Accellion, Collaboration, Data Breach, Data Security, Mobile | No Comments »

From Network World: Microsoft security expert warns over SharePoint data at risk

Friday, May 6th, 2011

Robert Mullins’ Network World blog entry warning that SharePoint data might be at risk comes as no surprise.  Customers have come to us for a way to extend the file sharing functionality of SharePoint securely beyond the firewall for the last few years.

What was most interesting is the research done by Randy Franklin Smith of Ultimate Windows Security.  The company’s survey showed that:

SharePoint users come from highly regulated industries: 38.2 percent comply with PCI; almost 20 percent with HIPAA; and 27.6 percent with SOX.  However, 72 percent of respondents have not evaluated the compliance issues related to their SharePoint data.

72 percent.  With the high profile data breaches happening every week, it’s important that these companies work on an overall data security strategy that includes SharePoint.

With Accellion’s plug in for SharePoint, it simply becomes another choice in the pulldown menu within SharePoint that lets users choose to share certain files with added security inside and outside the organization.  That means: an easy-to-use reporting and audit trail, three tiers of defined user access, file encryption while being transferred and at rest, and the ability to set an expiration date for the file and to set permissions upon sending the file.

Accellion Secure Collaboration is a finalist for the Best of TechEd awards at Microsoft TechEd North America this year in Atlanta, May 16-19.  Feel free to come by our booth 1830 for more information and to say hello.

Posted in Accellion, Data Security, HIPAA, Mobile, SharePoint | No Comments »

What we can learn from our friends in the Government

Tuesday, May 3rd, 2011

Reports from the team who attended GovSec in Washington DC highlighted that there is a lot to be learned from the government sector.  Based on recent conversations, it seems to me, government IT organizations are among the most risk averse of all industry sectors.  Risk adverse organizations are:
o    Proactive; they don’t wait for a data breach to happen, they secure their communications
o    Most likely to have an organization-wide data risk assessment and profile
o    Understand that a true adversary only has to be right once, but your security measures have to be right in every possible way
o    And understand that the most destructive adversary can easily come, accidentally or intentionally, from within the organization.

We’ve seen plenty of high profile, reputation-destroying data breaches this month, including the recent notable addition of Sony to the list.  We’re still waiting for specifics on how many of these data breaches occurred, and the true price Sony will ultimately pay, not just in lost revenue while the network was down, but also in lost future revenue as gamers switch to the competition.

Most organizations wait till a major problem happens, and then take action.  John Pironti, during a recent Accellion-sponsored Enterprise 2.0 webinar, entitled “5 Security Essentials for Collaboration” put it best.  After a data breach, companies,   “fire people, hire a new outside security team, and throw a lot of money at finding a solution.  For six months.  And then attention wanes.”

Maybe it’s because politics is fickle, maybe it’s driven by regulatory compliance, or maybe it’s because government – federal, state and local agencies have seen the repercussions of data breaches and have digested tough lessons from their peers.  Whatever the reason, we have seen robust growth in this segment, with new Accellion government wins across the globe, from The Bahamas to Western Australia, from governing bodies to law enforcement agencies.  Organizations have to react once a data breach or noncompliance occurs, but it’s great to able to point to some good news and a market segment that’s being proactive.

 

Posted in Accellion, Collaboration, Data Breach, Data Security, Government, UK | No Comments »

If a tree falls in a forest, and no one hears it, does it make a sound?

Friday, April 15th, 2011

If a tree falls in a forest, and no one hears it, does it make a sound?  Or the file sharing equivalent – if an employee uses a free personal file sharing account, and IT doesn’t know about it, does it still present a security risk?  You bet it does.

This week’s CIO UK article entitled CIOs: Break security rules to make them better raises an important point that IT needs to get involved with the applications and devices that employees are bringing into the workplace in order to improve security.

IT experimentation with consumer oriented services lets IT see the type of services that employees are looking for but also gives IT firsthand knowledge and experience of the alarming security implications.

Anyone who has signed up for a free dropbox type of account knows how convenient it is for syncing files.  At the same time anyone with a sense of information security gets this niggling feeling that something isn’t quite right about the ease of moving files out of the organization.

So if employees are using free personal file sharing accounts for enterprise use and IT doesn’t know about it, does it create a data security and compliance risk?  You bet it does.  In fact an informal survey of IT folks indicates that in most organizations IT does know that employees are using a variety of free personal  file sharing apps.

So what’s a good approach for IT to deal with this?  A good first step would be to signup for a free file sharing account and see firsthand not only how easy it is to use but also how easy it is to abuse.  Then make it a priority to deploy an enterprise solution for secure file sharing that makes everyone happy.  Let us suggest Accellion.

Posted in Accellion, Data Breach, Data Security, Product | No Comments »

The Data Breach that Keeps on Giving

Tuesday, April 12th, 2011

The Epsilon data breach of last week keeps on giving, with millions of email notifications being sent out from the companies affected, informing recipients of the incident.  The New York Times has weighed in and made recommendations for Congress to address this type of failure for consumers with an editorial “Who Really Sent That E-Mail?”

The breach at Epsilon underscores the urgent need for a federal standard of data safety that ensures companies follow adequate policies and procedures to protect consumers’ information and determines companies’ legal liability for breaches. As Congress debates new data privacy rules, it should put data security at the forefront.

We agree with the The New York Times about the importance of protecting consumer information and hope Congress and more companies take data security seriously.  Trusting third party marketers with your data is a risk, but there are ways to mitigate the risks and share securely.  A big part of why corporations and government agencies deploy Accellion is to be able to keep track of who is using what data when, internally and across organizational boundaries.

Posted in Accellion, Collaboration, Data Breach, Data Security | No Comments »

Top Ten Reasons You Need Secure Collaboration

Tuesday, April 5th, 2011

10.  Your company has already had a data breach. Don’t make the same mistake twice.  According to a recent survey by McAfee, only half of the companies who have had a data breach or attempted data breach, have taken steps to remediate and protect systems for the future.

9.  People don’t think before they send files. Ideally, they would think twice. But they don’t.  A lawyer accidentally sent a confidential document to a New York Times reporter instead of to a law colleague–both shared the same last name. The result: Nightmare on Email Street.

8.  People get distracted and leave things behind, including that shiny new iPad with the latest sales pricing and quotes.

7.  People write down passwords in obvious places including the same bag their iPad was in when it was left behind.

6.  People turn off security safeguards if they get in the way.

5.  No matter what kind of company you are, you can be a target. The recent data breach at marketing firm, Epsilon, ended up being a colossal 2,500 company data breach, for the price of one.  Epsilon counts brands like BestBuy and Citigroup among its 2,500 customers, or did.

4.  People upload documents to unsecure file-sharing sites even when they know they shouldn’t. Doctors, in blatant violation of HIPAA, have been known to “go outside the system” to send MRIs, including use of free dropbox-type services.

3.  People download files they shouldn’t. If an employee leaves a company, sensitive files often leave, too.  Even worse, files may continue auto-syncing.

2.  Customers get mad when their credit card information is stolen, especially when they get charged for a 3D HDTV that they didn’t order, and that wasn’t delivered to their house.

1.  You like your job and want to keep it.

 

Accellion Secure Collaboration: Share Securely.

 

Posted in Accellion, Collaboration, Data Breach, Data Security | 1 Comment »

“Forget telling execs they can’t use their new shiny iPad”

Thursday, March 31st, 2011

Thanks Mike Rothman, analyst and president at security research firm Securosis, for pointing out in this week’s CSO article by George Hulme, that denying execs the use of their shiny new iPads is not going to make anyone popular. We agree with you Mike, “You have to try to find a way to secure these devices the best you can.”

Judging by the lines outside the Apple stores, more iPads are heading into the enterprise, so this issue is not going away. What’s the big deal with iPads? George Hulme sums it up perfectly “One of the biggest challenges the consumerization of IT creates for the enterprises is the lack of control over where work data is stored and how it’s shared on user devices.”

So if your execs are starting to show their high-tech flair, bringing iPads into the office – here’s our Accellion iPad security tip to keep everyone happy and secure:

Implement Accellion Secure Collaboration so that execs have secure access to sensitive information from their iPads but the information is stored on secure servers not on their iPads.

The result:

i) Your execs get to use their shiny new iPads to easily and securely access and share information with internal and external users.

ii) Confidential information is stored securely on IT managed servers.

iii) You have complete tracking of all file activity including dates and times of all downloads, uploads and recipients.

iv) When your exec leaves their iPad at the client site, on the train, in a conference room, you don’t need to call in a SWAT team, Accellion has you covered and your files are safe.

Here’s a link to more information about Accellion mobile apps. It’s the app every exec with a shiny iPad needs, so they don’t tarnish your company’s security.

 

Posted in Accellion, Collaboration, Data Breach, Data Security, Mobile, Product | 2 Comments »

Accellion in Action: National Park Service

Wednesday, March 9th, 2011

The Federal Times ran an article yesterday on how IT organizations can make information sharing easier by giving end users more control.  The article featured an interview with Accellion’s customer, The U.S. National Park Service.  An excerpt is here:

The National Park Service has some 140 projects in the works thanks to stimulus spending — everything from Everglades restoration in Florida to the rehabilitation of the Reflecting Pool on the National Mall.

All these projects come with paperwork. Documents, drawings, maps and blueprints all must be shared by architects, engineers, construction teams and management partners. E-mail won’t cut it, said Edie Ramey, division chief of information management at the Park Service’s Denver Service Center. Files are too big, security too uncertain and recipient lists too hard to keep current.

The Park Service solves the problem with a mix of technologies. It uses secure file transfer software from Accellion of Palo Alto, Calif., to manage the motion of so many very large documents, then makes the end product accessible in SharePoint for all the relevant parties to share.

The solution solves two integral questions in the world of collaboration: who gets in and who stays out.

“It’s all about the security,” Ramey said. “We used to have something that was basically a big old file-share. Anyone could get in with a generic password and address. They would have access to any files on the [shared space], not just their project files that I would give them permission to see.”

More and more we are seeing IT organizations work to provision their employees and external collaborators with  easy-to-use tools to increase productivity, while ensuring the enterprise organization the security protection it needs. With Accellion, this can be done easily while making the most of investments IT organizations have already made in technologies like SharePoint.

This means the US National Park Service can enjoy securely sharing information almost as much as we enjoy U.S. National Parks.

Posted in Data Security, Email Attachments, FTP, Government | No Comments »

« Older Entries
Newer Entries »