Biscom Delivery Server Blog

We’re going to Vegas baby!

The BDS team is heading to Las Vegas next week and exhibiting at the International Legal Technology Association’s 2010 conference. ILTA puts out a quarterly magazine (Peer to Peer, in which BDS was featured a few months back), and is the show to attend if you deal at all with the legal IT space. Come by and meet us and learn about the new BDS 4.0 release, as well as our new iManage integration module.

Come see us at Booth 437 at the upcoming ILTA conference (International Legal Technology Assocation) in Las Vegas August 22-26, 2010. The theme will be Strategic Unity, a concept for integrating technology with the practice of law.

This is a great way to network with other legal technology professionals to attend educational sessions, see what’s coming down the pike regarding compliance, and the latest secure file transfer and collaboration tools.

Register for a luncheon that Biscom and Keno Kozie will be hosting in Chicago on August 4th. This luncheon will be a way for legal IT professionals to discuss file transfer technologies, how to lock down files during transport, collaborating with clients and external counsel, and replacing FTP servers with a more manageable and secure solution.

Biscom and Adapative Solutions have just announced the world’s first SFT integration with Autonomy iManage for document management. By integrating BDS with iManage, users can send files in their FileSite repository through BDS directly without having to copy files to their desktop and then send. When receiving files securely through BDS, iManage users can also save files directly to FileSite.

For more information on deploying BDS with your iManage solution, contact Adaptive Solutions. See the full press release here.

New press release on our partnership with Keno Kozie, a leading provider of information technology design, service, and support to law firms and legal departments.

See the full press release here.

Lora Bentley from IT Business Edge asked a smattering of people for their opinion on privacy — whether it’s alive or dead. I started thinking about this and to me, privacy is what we make of it — we can choose whether we keep our lives private (as much as it’s possible to do these days) or open ourselves up to the online world. To me, privacy is both alive and dead, and we’re ultimately responsible for it. That’s when a vision of Schrodinger’s cat popped into my mind — pretty esoteric reference to those who did not take quantum mechanics in college, but what can I say, I’m a bit of a nerd.

I also remembered an article that came out not too long ago about some teen who killer her boyfriend because she was drinking and driving. Not only was this a horrible event, for which the girl was going to be charged as a minor (she was only 17), but she posted a picture of herself on Facebook titled “Drunk in Florida” a month later. The judge caught wind of this and changed his decision, denied her youthful offender status, and instead charged her as an adult. Now, this girl, in my opinion, did not choose wisely regarding her online privacy. However, it was her choice. How much of ourselves we put out there is really up to us.

I don’t subscribe to the idea of complete privacy, because these days that’s pretty hard to do (who doesn’t buy an occasional something from Amazon?) However, we do need to be judicious. And of course, when it comes to obeying the law (e.g. HIPAA, SOX, GLBA, etc.), we should also be aware of the consequences if we don’t protect confidential or sensitive information.

The International Legal Technology Association (ILTA) just published its March issue of Peer to Peer magazine. You’ll find an article I authored on data breaches, privacy laws, and how secure file transfer can help companies distribute their confidential information while complying with various legal requirements. You can also use this link to download the specific article as a PDF.

Our Legal Practice Manager Charlie Magliato is going to be hosting a webinar on managing large email attachments, with special guest Bruce Bial, IT Director at Riemer & Braunstein. You’ll see how Bruce and his team implemented BDS to handle their secure file transfer needs and eliminated large file attachments from going through their Exchange server.

The webinar is scheduled for Thursday, February 25, 2010 from 2-3pm EST.

Click here to register!

Sean Doherty at Law.com wrote a great review of BDS. I’m impressed with the level detail he included in his review — he really dug down deeply into the configuration and setup, but he also goes over usage scenarios in just as much detail. Sean’s audience is probably on the more technical side, and he gives that audience the necessary technical specifics they’ll want to hear about, but he also does a fine job of describing the business case for secure file transfer at a high level. I’d say this is a good primer for people in IT who would be responsible for deploying our solution.

We’re pleased to announce that Traveling Coaches just completed our Reseller Certification program, and we’re excited to have a partner that is focused on secure file transfer for law firms. In addition to selling BDS, Traveling Coaches provides consulting, application integration, and IT support for over 650 law firms in North America.

”Our clients have long struggled with large file transfer and Biscom has the only simple, secure solution on the market.  We are excited about this partnership to provide our clients with the right technology at the right time”, said Gina Buser, CEO and co-founder of Traveling Coaches.

Catchy title? Well, maybe not, but it’s a new privacy and security law in Massachusetts that takes effect May 1, 2009 (postponed from January 1, 2009).

The purpose and scope, as described on the Mass.gov site:

(a) Purpose
This regulation implements the provisions of M.G.L. c. 93H relative to the standards to be met by persons who own, license, store or maintain personal information about a resident of the Commonwealth of Massachusetts. This regulation establishes minimum standards to be met in connection with the safeguarding of personal information contained in both paper and electronic records. Further purposes are to (i) ensure the security and confidentiality of such information in a manner consistent with industry standards, (ii) protect against anticipated threats or hazards to the security or integrity of such information, and (iii) protect against unauthorized access to or use of such information in a manner that creates a substantial risk of identity theft or fraud against such residents.

(b) Scope
The provisions of this regulation apply to all persons that own, license, store or maintain personal information about a resident of the Commonwealth.

While this sounds quite onerous for many companies, and has pretty far reaching implications on IT data management processes and procedures, it’s a step in protecting against the increasing incidence of identity theft and other data leaks. Was this law spurred by the TJX breach of 45.7 million credit cards or when 4.2 million credit card numbers were nicked from Hannaford Foods in 2007? The cleanup efforts far outweigh the investment in security that might have prevented these data breaches (some estimates put TJX at $4.5 billion in accumulated costs in fines, legal fees, notification expenses, and brand damage).

I see stories like these, and dozens of other high profile breaches, as the tip of the iceberg. I doubt there’s going to be any law or compliance legislation that will protect 100% of individual and company data from being lost or stolen, but it does make sense for companies to reassess their data storage and transmission policies to harden their defenses against this.

Companies must look holistically, however, and can’t overlook the fact that data must be protected from many angles. In the introduction to the book Practical Cryptography, the authors, Niels Ferguson and Bruce Schneier, mention scores of companies obsessed with building robust and highly protected network security to foil hackers, but ignored internal concerns, both malicious and unintentional, akin to installing a huge steel front door in your house, but having an unlocked screen door in the back.

With this law, the pendulum has swung quite a bit in requiring companies to have implementations in place to protect personal data, but I hope solutions built for this have both the technical aggressiveness to maintain security, but provide it in a way that is not so complex and hard to use that individuals dismiss it and look for alternative methods that may compromise security.