Saturday, August 6, 2011

Capability-based, Secure Convergence

Continued from previous blog article: Communication Convergence

Communication convergence is ongoing, for example between the mobile and the fixed Internet. This is putting pressure on businesses to enable more of their services to be accessed and used seamlessly across different networks and platforms.

While communication convergence is good for business, it must also meet contract, regulatory, and legal duties such as availability, accessibility, equal access, integrity, breach notification requirements and fines, and confidentiality (when needed). These concerns, of course, also affect consumers and whether they are willing to use an online resource provided by an organization.

The ZSentry solution is as ingenious as it is simple to explain. The next sections can help you apply it.

Organizations today would likely see the following main choices of resources for services, devices, software, network, and providers:
Google Apps, Gmail, Yahoo, Outlook, Thunderbird, Apple Mail, iPad, iPhone, Android, Blackberry, Internet Explorer, Firefox, Safari, Exchange Server, email, webmail, SMS, IM, Single-Sign-On, and file storage.
However, in defining a suitable set of resources, the central question for a corporate purchase decision is not about the resources themselves. What matters is the set of capabilities that they can support in common, and how this set matches the business needs of the organization. Organizations, therefore, have to look into what capabilities those resources may have in common, such as:

(a) They are HIPAA compliant
(b) They work together
(c) They can help reduce online risks
(d) They make it easier to use different devices

Today, however, the only common point between those resources is (e) none of the above.

But option (e) is not helpful. The list of resources above includes leading brands and services and yet many organizations cannot use them due to lack of HIPAA compliance, which is a mandatory business need in the US health-care sector. Other organizations have no legal HIPAA requirement but face other barriers in using those resources, such as higher online risks (e.g., passwords, server breach), not working well together, and limited functionality.

Adding NMA ZSentry creates a new option: “all of the above and more”

NOTE: NMA ZSentry is available at

What NMA ZSentry does NOT do: Changes. ZSentry does not change any of the services, devices, software, network, or providers. There is no change to any user interface. Does not change how email or other Internet protocol works. Does not receive email and does not host email addresses for users. There is nothing to download or install, no plugins or add-ons, no digital certificate to add. There is no POP or IMAP server use, no stored cookies, no ActiveX controls, no Java, Javascript is not required, setup is optional.

For example, you continue to receive email at your usual Inbox, with an email address that you already have, using your Mail client or web browser as before, and with nothing routed through ZSentry.

What NMA ZSentry DOES do: ZSentry complements the capabilities offered by leading services, devices, software, network, and providers, enabling compatible, usable, secure, HIPAA & HITECH Safe Harbor compliant solutions in all platforms, with seamless operation and surpassing known limitations including higher online risk (for example, due to password vulnerabilities and server breach).

How is this even possible?

We designed NMA ZSentry as a middleware, which is a technical term. It means that ZSentry stays in-between (the “middle” in middleware) what you already have. It works with the message itself, not receiving the message, not at a storage place for the message, and not even in sending the message.

User Requirements & Security

Particularly for businesses, communication convergence must not only offer services that work together. They should also be HIPAA compliant (when needed), Safe Harbor compliant (to eliminate costly breach notification requirements and fines), help reduce online fear, make it easier to use different devices, present a uniform user interface and, for easier adoption, reduce change.

These needs can be provided by adding ZSentry, which works Sans Target and is able to fully protect personal and other sensitive information against inappropriate and unauthorized use and disclosure, whether due to external or internal attacks.

ZSentry can also work at client and server sides with a least-requirements strategy, automatically using what is available and offering “instant-compliance” with HIPAA and HITECH Safe Harbor regulations.

The Focus is on Capability, not Resources

By adding ZSentry, communication convergence becomes more effective and can be used to also blur the lines between resources such as services, devices, software, network, and providers. Rather than talk about resources the focus is now on capability, which is what matters for businesses.

With ZSentry, it is also not so relevant anymore where a capability resides or how it emerges for the user. What matters is that the capability is provided according to the User Requirements that are needed for the operational conditions. For example, if the organization sending protected information is a Covered Entity under HIPAA, it matters whether a user can read it with HIPAA compliance.

Easier Market Entry, More Choices for Customers

By adding ZSentry, what used to be a software, that needed to be bought, installed, and often updated, can become a service that has no installation and is always up-to-date. A market dominated by a secure corporate email service using proprietary devices tied to a single provider, can be disrupted by a secure corporate-oriented ZSentry service that works in any device and provider, and not just for email.

Adding ZSentry is also a platform that facilitates the opening of communication markets to competition and empowers users to find their own desired aggregation of resources including services, devices, software, network, and providers, rather than only using available market packages.

Can Convergence be Personalized?

Communication convergence benefits both consumers and business, and increasingly allows real-time, anywhere use. However, users need to make do with whatever convergence level might be available in the market, even at the high-end.

By adding ZSentry, users can personalize the convergence experience. For example, consumers may just want a least-cost combination, while organizations may want to choose a best-of-breed combination of resources that reduces both risk and cost.


NMA ZSentry provides organizations with regulatory compliance and communication convergence as a service/platform, working with leading solutions in an “all of the above and more” approach.

Adding NMA ZSentry technology can also help new companies play a role in the process of convergence, where new market players can move in more rapidly and with less cost, adopting different market models from conventional telecommunication companies and potentially create new markets.

More: Visit ZSentry >>

Monday, August 1, 2011

Communication Convergence

Not so long ago, the world of communications was neatly compartmentalized. Companies used email for quick discussions, FedEx for contracts, fax for urgent documents, phone for business conversations, websites for digital media, and meetings usually required traveling. Each method was specialized in application.

Today, we look to do all that with a cell phone.

Or a tablet, or whatever we want to use. This shift to communication convergence is felt by many organizations today, but one may not be quite aware of it as a pattern, or that it can greatly benefit —or doom— a business.

However, once recognized, the communication convergence pattern starts to pop up everywhere. Communication convergence is a broad shift in business communication and messaging applications, including services, devices, software, network, and providers worldwide.

What may be driving this shift? Perhaps you can identify some causes in your own line of business, such as:
  • Users' changing expectations
  • Real-time pressure
  • Less cost, less waste, less people
  • Unfettered mobility
  • Replace older services (fax, voice mail, telex, help desk, ...)
  • Benefit from new technologies
  • More online services
  • Eliminate paper, improve availability
  • Integrate auditing
  • Simplify (billing, management, training, sales, ...)
  • Reuse investment
  • Promote revenue
According to Microsoft, the explosion of social networking with consumers has changed their expectations about how they can and should connect with businesses. Real-time is a new imperative.

While causes may vary by use and location, and differ in relevance for a particular business, what is relevant is that many businesses are finding that they have to keep continuously rethinking their communication strategies with customers, employees, and partners, and react fast. What worked last year may no longer work today.

For example, the ongoing communication convergence between the mobile and the fixed Internet is putting pressure on businesses to enable more of their services to be accessed and used seamlessly across different networks and provided over multiple platforms, including office systems, in an interactive way.

Communication convergence represents a broad shift from the traditional “vertical silos” architecture, i.e. a situation in which different services are provided through separate networks, to a situation that changes service boundaries, service
characteristics, and enables the offer of new services.

What to do when the “fear gauge” flashes red?

Communication convergence also means that systems that were never meant to interoperate are now able or even called to do so, and this can create unexpected problems on different levels, for example with users, administrators, and in auditing.

Everyone knows about well-designed webpages on the desktop that fail to show anything useful on a cell phone. Urgency may cause protected health information to be sent by email, exposing the organization to a HIPAA violation.

Convergence can also be misused, for example when different systems share a vulnerability that serves as a backdoor between them. Protocols and devices which were not designed to be connected together, all of a sudden can communicate as when using a jail-broken cell phone to hack into another phone or a web site. Limited-performance mobile systems can be tethered to powerful desktop systems and avail themselves of much higher computing and connectivity capacity than their software was designed to contain.

These issues are particularly important for businesses, where communication convergence must often meet contract, regulatory, and legal duties such as availability, accessibility, equal access, integrity, breach notification requirements and fines, and confidentiality (when needed).

That is when the “fear gauge” flashes red. Clearly, communication convergence militates against the IT security need to lock down systems and prevent unintended access. These concerns, repeated by media in frequent cases, can enforce consumer online fears, affect users, and influence whether they are willing to use an online resource provided by an organization.

And that is when enterprises meet the flip side of communication convergence, which is also made very expensive by regulatory compliance with HIPAA, HITECH, mandatory breach disclosure and other rules that impose large fines and cost.

Communication convergence increases the probability of hacking, can be quite messy, and seems to not yet work quite well enough with what users want.

NMA ZSentry is a unique middleware technology that takes in the difficult aspects of communication convergence and regulation compliance and balances them with a service/platform that creates "instant on" compliance and convergence, anywhere, anyhow. The result is communication convergence that is functional with the usability, security and privacy needs, not adversarial.

Continues in the next NMA Tech Note: Capability-based, Secure Convergence