Customer Spotlight — Financial Institution Banks on ZixOne to Overcome BYOD Hurdle

If a company isn’t familiar with BYOD, then implementing it can seem like risky business.

These concerns are compounded when the company is a financial institution, in charge of protecting its clients’ valuable financial assets.

That’s why when First State Bank of Bedias (FSBB) was considering a BYOD program, it knew it had an important decision to make.

Like many organizations, FSBB had to overcome the hurdle of using BYOD to enhance employee convenience and productivity, while ensuring the appropriate measures were taken to keep corporate and client data safe.

Originally, management considered solutions that imposed control over the device but realized the approach wasn’t ideal for the user. That’s when the organization turned to ZixOne and its “no corporate data on the device” BYOD solution.

As Jody Smith, senior vice president of Info Systems & Operations for FSBB, puts it: 

“When we considered expanding [mobile] access to employees other than the executive team, we found alternative approaches imposed on employee control, and it was hard to dictate what employees could or could not do on their own personal devices. ZixOne was a cure-all. It significantly reduced the likelihood of a breach without taking convenience, control or privacy away from our employees.”

Along with providing employees with a simple, hassle-free experience, FSBB also found the ZixOne approach is acceptable among regulators. 

“We don’t worry about local storage, and our regulators are pleased that we have a clear answer for mobile risks. In a recent audit, the controls in place through ZixOne were easy to explain and quickly satisfied federal requirements,” said Smith.

While implanting BYOD might seem risky, FSBB learned that with the right solution, BYOD can be a breeze. Employees have the email access they want, IT knows that data is protected and regulators are happy with the security of the product.

A little about First State Bank of Bedias:

  • Independent community bank serving Grimes County, Texas and surrounding counties
  • Headquartered in Bedias, Texas
  • Opened in 1907
  • Dedicated to implementing new technology, while providing customers with a team of decisive, responsive and experienced banking professionals

Posted in Company News | Tagged , , , , , | Leave a comment

What Enterprise Mobility Management Vendors Aren’t Telling You

Last week a few of us at Zix attended the Gartner Symposium ITxpo in Orlando, Fla. From workshops, to keynotes, to roundtables, the four-day event focused on today’s digital world and how it’s redefining IT.

ZDNet Editor-in-Chief Larry Dignan attended the conference and shared his thoughts about the on-site Enterprise Mobility Management exhibitors. His key takeaway was that he couldn’t hear through all the white noise and concluded “many vendors sounded alike.”

We hear ya Larry (or maybe not, since it IS sounding a little noisy)!

He proceeded to write:

Simply put, bring your own device (BYOD) policies are a pain to manage, the security stakes are only getting higher and mobility is pervasive. Meanwhile, enterprise mobility management (EMM) vendors are still being sorted out.

Well, Mr. Dignan, to that we say:

Larry,

You bring up some very valid points.

BYOD, while well-intentioned, can make IT managers, CIOs — and especially employees — want to pull their hair out.

The downfall of most EMM/MDM solutions — and vendors you spoke with — is that they pose too many restrictions or too much control over the user’s device. Quite simply, they don’t have the end user in mind. Employees wanting more convenience brought the BYOD movement to light, and EMM is putting us right back where we started — to the old days of restricted corporate-supplied devices.

Most companies are completely unaware that there’s another option, so they settle for something less than what meets the needs of IT and their employees.

At Zix, we’re shouting from the rooftops to let them know — THERE IS A BETTER WAY!

In the coming years, we’re going to start seeing the use of mobile apps that enable access to corporate assets on the employee’s personal device without allowing that corporate data to actually reside on the device.

There are two key benefits to this.

  1. First, keeping data off the device limits the potential for compromise if the device is lost or stolen and taken offline.
  2. Second, it gives employees the freedom to use their devices how they please, without worrying about tradeoffs like remote wiping, invasion of privacy or a compromised user experience.

Let us give you an example.

On the show floor, we had several government organizations approach us saying that the “no data on the device” approach would be conducive to their work, where data spillage and the escalation of “now-confidential” information eliminate BYOD as an option . For instance, a contractor might be working on a project that escalates in terms of importance and confidentiality. This means that contractors have to bring in their personal devices to have everything wiped, instead of simply deleting that unsecured data from the company server.

This approach also makes sense, because the majority of employees only want or need access to one corporate app —email. For others who need access to more, the added controls and restrictions of EMM or MDM makes sense. But for that majority, companies shouldn’t need to impose a second corporate-owned device or restrictions on the employee’s personal device when the solution could be as simple as downloading an app.

Given our approach to mobile security, we can’t ever expect an apples-to-apples comparison with EMM, MDM, etc. But, we think that’s a good thing since we have an approach that doesn’t sound like the rest.

Next year, we hope you stop by our booth, so we can prove that BYOD doesn’t have to be a pain.

Sincerely,

Zix Corporation

Posted in Bring-Your-Own-Device | Tagged , , , , , , | Leave a comment

Why Office 365’s Email Encryption Doesn’t Add Up

With the growing realization that data security and email encryption are absolutely essential, large email providers are rushing to play catch-up. But are they paying attention to the users?

In November 2013, Microsoft first announced message encryption for Office 365. But after some initial complaints over the system’s usability (people receiving the encrypted messages had to be logged into a Microsoft account to view them), things are starting to change.

Last Friday, Microsoft announced that recipients of Office 365 email no longer need a Microsoft account to view messages. Instead, they can view their encrypted messages using a one-time passcode that Microsoft sends via email, which expires after 15 minutes. It’s not clear to us what happens to that message if the user doesn’t open it in the 15-minute window, but it seems like a less-than-ideal solution if you’re trying to fix a usability problem.

Despite the head scratches regarding the announcement, what actually raised eyebrows was the figure that Microsoft touts when it comes to the number of emails they are encrypting.

Since going live eight months ago, Office 365 Message Encryption has been used to protect the content of more than 1 million emails.

Seem like a lot? What if we were to tell you that…

Zix encrypts 1 million messages in a single business day.

Why? Because we understand the concept of “ease of use” and so do our end users.

For approximately, 75% of encrypted messages delivered by Zix, no password or portals are needed.  Senders and recipients simply exchange email as they normally would. All outbound messages are automatically encrypted, mitigating virtually all risk, and are automatically decrypted on the receiving end. The other 25% of messaged can be received through a convenient, mobile-friendly secure Web portal.

Many email encryption products in use today are outdated and complex, which can lead to employees skirting the rules to avoid having to deal with the hassle of encryption. Clearly, this puts businesses in a precarious position, especially with the number of data breaches that we read about happening daily.

If you want to get your employees and, more importantly, your valuable customer and partners on board, make sure you’re deploying an effective, easy-to-use email encryption solution.

Posted in Email Encryption, Email Encryption Trends, Simple to Use | Tagged , , , | Leave a comment

Customer Spotlight – Financial Holding Company Switches To Improve User and Customer Experience

Financial institutions have a responsibility to protect customer information. That used to mean non-user friendly programs that were clunky and difficult. Sure, the data was protected, but they were also incredibly inconvenient for everyone involved.

This was the issue DCP, LLC was running into with its previous email encryption solution, Cisco IronPort Encryption Appliance (IEA). Both employees and customers were complaining that the solution was too cumbersome – regularly encrypting emails that didn’t contain sensitive information and forcing users through a painful delivery process.

DCP realized it would need an encryption solution that offered first-class security and also emphasized a user friendly experience for both employees and customers. And with Cisco announcing the end of life for its IEA solution in July 2015, time was of the essence. This made the switch to Zix Email Encryption an easy decision.

The broad use of Zix Email Encryption in the financial industry was a contributing factor in DCP’s switch to ZixCorp. All federal financial regulators, more than 20 state financial regulators, such as the Missouri Division of Finance, and one in every five U.S. banks trust ZixCorp to secure their email.

“ZixCorp is a trusted company within the banking industry, which provided us with even greater confidence as we transitioned to its email encryption,” said Shane Nunn, Network Systems Engineer at DCP.

Shane will provide additional insight into his selection of Zix Email Encryption and his experience with the switch in a webinar on Sept. 30. To register for the online event, click here.

A little about DCP, LLC:

  • Located in Washington, Missouri
  • Holding company for multiple banks, including Bank of Washington, Citizens National Bank and United Bank
  • All bank employees now use ZixCorp to protect financial information and other sensitive data that is included in emails

Posted in Email Encryption | Tagged , , , | Leave a comment

Survey Says… Individuals Would Rather Lose Wallet, Than Mobile Device

Let’s face it – we trust mobile devices with some of our most priceless information, from photos to bank account numbers to work emails. But with the rise of BYOD and the fact that every 3 minutes a personal device is remotely wiped by an employer, it’s not surprising that recent findings indicate some people would rather lose their wallet than their mobile device.

In a recent study, we asked more than 1,000 respondents their views on corporate BYOD policies and the value they place on personal data contained on their mobile devices. Let’s take a look at the top issues employees are facing when it comes to BYOD. 

  1. Employer control is impacting BYOD adoption. Many employers have incorporated remote wiping into their BYOD policies and security strategy. However, 71 percent of respondents said they would avoid using their personal device for work if they knew it could be completely wiped if the device was lost or they left the company. 
  1. BYOD policies affect how long it takes employees to report missing devices. The chances of corporate data being accessed by outside sources when a device is lost or stolen increases with time. With the threat of remote wiping, 41 percent of employees would wait a few hours to over a week to report their phone missing. 
  1. Privacy invasion is a top concern. The possibility of employer overreach is a top concern when it comes to BYOD. Employer access to personal information was ranked as the most concerning by individuals. 
  1. Tracking location can be seen as less egregious than wiping a device. The importance of personal information stored on mobile devices is valued more than privacy. More than half of respondents would rather let an employer track their location than wipe data such as personal photos, contacts and email.

Although employees have significant concerns about privacy and employer controls, they do not have to be a barrier to BYOD enablement or adoption if companies shift their BYOD security strategy from controlling the device to controlling the data. By leveraging the right BYOD approach, companies can ensure that data is better protected while keeping employees happy. Without the threat of remote wiping or privacy invasion, employees are more likely to adopt BYOD as well as protect corporate data without hesitating to report a lost or stolen device. To see our full survey findings, check out our interactive results page.

Posted in Bring-Your-Own-Device | Tagged , , , , , , | Leave a comment

Avoiding E-Fail

Clicking “send” is almost too easy. We’ve all had those moments when we wince after realizing we sent an email a little too soon. Maybe you attached the wrong file or realized you copied someone that you shouldn’t have.

But as painful as these moments are, sometimes the result can be far worse than slight embarrassment.

Who did I send that to again?

You’re going on hour 15 of your “eight-hour” work day. Needless to say, you’re a little groggy. Checking your watch, you realize you’re about to miss the deadline for the billing cycle.

Quickly, you pull the patient records for everyone who’s received treatment in the past month so that their claims can be processed.

What was that guy’s email again? Rick something? Good thing my email remembers it. Thank you auto-populate.

Sent. And that’s when you do a double take.

Image: http://www.reactiongifs.com/r/Ellen-Selfie.gif

Image: Reaction GIFs (http://www.reactiongifs.com/r/Ellen-Selfie.gif)

Wait, who did I just send that to?

Rick Johnson at United Healthcare?! … That was supposed to go to Rick Johnston at Aetna!!

Image: http://2.media.todaysbigthing.cvcdn.com/15/55/5db85500cc71595bd2ddab0112d87abc.gif

Image: http://2.media.todaysbigthing.cvcdn.com/15/55/5db85500cc71595bd2ddab0112d87abc.gif

Don’t be the guy who accidentally sends 1,200 patient records to the wrong organization.

Wait, what was that attachment?

You just spent the weekend slaving away on that report your boss dropped on your desk Friday afternoon. You’re coming down from your caffeine high, but you know you’ve nailed it.

Image: http://www.diaryofthedad.co.uk/2014/06/tips-for-prs/

Image: http://www.diaryofthedad.co.uk/2014/06/tips-for-prs/

Wanting to show your boss how dedicated you are, you send it to him first thing Monday morning. Just need to make sure you attach the right thing — 090214UpdatedRegionalReport.docx — OK, sent! Now just sit back and wait for the praise to pour in.

You wonder why it’s taking so long for him to respond. Did your email go through?

You attached 090214UpdatedResume.docx?! “Oh no, I can explain!”

Image: http://gifrific.com/wp-content/uploads/2014/01/Girl-Misses-Seat-and-Falls-to-Ground.gif

Image: Gifrific (http://gifrific.com/)

There’s Always One

Jason has been slacking recently, and his performance is only going in one direction: down. Despite your coaching and multiple warnings, he just can’t seem to get it together. He’s got to go.

Jason, you’re fired.

Image: http://www.businessinsider.com/image/4fdf56a56bb3f7ee71000009/what-happens-in-media-planning-donald-trump-youre-fired-gif.gif

Image: Business Insider (http://www.businessinsider.com/)

Good riddance to the bad egg that was bringing everyone down.

But what you don’t realize is that Jason saw this coming. He’s been emailing himself customer lists for weeks, and he even snagged next quarter’s sales leads.

And he’s taking all of that with him to your biggest competitor, where there’s a job waiting for him.

Image: Reaction GIFs (http://www.reactiongifs.com/)

Image: Reaction GIFs (http://www.reactiongifs.com/)

That’s not good.

With protected health information, financial data and other sensitive corporate information exchanged regularly through email, you want to make sure you’re protected. Yes, there’s email encryption. But just in case that email shouldn’t have been sent in the first place, there’s always DLP.

Posted in Data Loss Prevention, Email Encryption | Tagged , , | Leave a comment

#BYODInsights – Here’s the Recap of our Inaugural Twitter Chat with ZDNet’s Ken Hess

This past Thursday, August 21, we hosted our first ever Twitter chat. We were very excited to welcome ZDNet contributor Ken Hess, who fielded questions about BYOD (bring-your-own-device) considerations and best practices from ZixCorp’s Geoff Bibby, VP or Corporate Marketing.

The chat focused on balancing security and employee privacy, bridging the gap between employees and IT, and how Millennials will impact the future of BYOD. Since we’re more than halfway through 2014, we recapped what we’ve seen from BYOD thus far and touched on what we can expect in 2015 and beyond.

You can catch the highlights from the conversation below.

How should companies balance security with employee privacy?

We’re more than halfway through 2014. What’s the most surprising thing you’ve seen so far this year?

How do you think the Millennial generation will influence BYOD adoption rates?

Still can’t get enough? You can check out the full chat here. And to keep the conversation going, just remember to use the hashtag #BYODInsights, or tweet us at @ZixCorp

Posted in Bring-Your-Own-Device | Tagged , , , , | Leave a comment

Q&A with ZixCorp’s Design Team — Balancing Security with the User Experience

User experience (or lack of) is often one of the biggest barriers companies face when it comes to employee buy-in and compliance of security solutions. We sat down with ZixCorp’s user design team for a peek into how they design products that aren’t just at the top of the security game — but also easy to learn and use.

Enjoy the Q&A below, and feel free to let us know your thoughts on what it takes to create a security solution that users love!

  • What goes into designing Zix solutions? 

When designing products or features, we are extremely user-focused and want to make sure we are taking their feedback into consideration. We analyze any information our product management team collects from customers and through usability studies to determine what users want We then work as a team through an iterative process to come up with the best feature design. This process really allows us to focus in on what our users want and provide them with the best product available.

  • How have you seen Zix solutions evolve over the years?

In the last five years we have worked to align all the Zix products with one another since they originally looked and operated differently. Now, a number of our products are consistent across several facets — in their look and feel, in how you access them and in the heuristics. This gives users the assurance that their experience with one Zix product will assist them when using other Zix products.

  • Do you design products differently depending on the intended users?

Absolutely! Our ZixOne administrator tool was designed specifically for the administrators that would be using it. We always have the same goal: to make the product easy-to-use by making sure buttons and tools are where the user expects them to be. Sometimes when form factors are different, the placement of controls is not consistent within the same ecosystem, like with the ZixOne phone application to the ZixOne tablet application. The experience is familiar to the user, but slightly different.

  • How does design and user experience play a role in employee adoption of a product?

We believe that if you put a product in front of users and they have to travel a large learning curve, they will reject it. If users don’t understand the product or have to ask a lot of questions about how to navigate, they tend to give up. Our goal is to avoid a situation where users give up and do not use the product.

Along those lines, our design philosophy is to provide people with interactions they are already familiar with. Apple, Android and Windows have spent a long time training people on how to use their products. It was said early on when the iPod came out that the iPod Touch was simply a training tool to teach users how to interact with an iPhone. We want to use what’s already in users’ knowledge bank to provide them with the tools they need to get the job done.

  • Are there any specific challenges to designing a security product?

Definitely. Our QA team is embedded with us and involved in the design process, from the very beginning, up until the product goes out the door. They help us catch everything, from design issues to security issues. We also have a security testing period that happens after we have designed the product to ensure that everything is secure and up to Zix standards. The testing period can change user design as well, and occasionally, we have to make compromises in order to meet security requirements.

  • Do you look to any products for design inspiration?

We are a standards-based design organization, so we look at the standards produced by Apple, Microsoft and Google and try to stick to them as closely as possible. This helps us to stay in that groove of providing something that users already understand.

  • What mistakes do others make when it comes to user experience?

One mistake is designing products that deviate from standards users understand. Designing things that are interesting or exciting can come back to haunt designers, because they could be creating a steep learning curve for adoption. It’s not that the old dog can’t learn new tricks, it’s that the old dog doesn’t want to learn new tricks. And you will find that most of your users are the same way. Yes, a product may be neat, fun and cool-looking, but they don’t want to learn something new — they just want a simple product that is easy to use.

 

Posted in Technology | Tagged , , , | Leave a comment

Customer Spotlight – Early Adopter Continues to Protect Patient Information with Email Encryption

The Final HIPAA Rule went into effect in March of last year. With its release some healthcare organizations, business associates and sub-contractors began to evaluate email encryption for assistance with compliance and to ensure protected health information was “unusable, unreadable, and indecipherable” in transit. However, many healthcare organizations, such as Bay Area Medical Center, were no strangers to the security solution.

In 2004, Bay Area Medical Center in Marinette, Wis., set a goal to meet early HIPAA compliance standards and find a solution that was transparent and easy to use. For the best solution that fit the bill, the medical center’s IT department turned to ZixCorp. Since then, Bay Area Medical Center staff has easily shared encrypted messages with patients and business associates through its use of ZixGateway.

One decade later, Bay Area Medical Center still finds Zix Email Encryption to be the best solution on the market. As Pete Eisenzoph, Director of Information Technology for Bay Area Medical Center, put it:

“When we originally selected Zix Email Encryption, we thought it was the best solution on the market. Ten years later Zix continues to be the leader and provides the ease-of-use that is so critical for our users. By routing outbound communications through ZixGateway, we gain the peace of mind that protected health information is secured and compliant with HIPAA guidelines, no matter who sends the email.”

During the last 10 years, Eisenzoph has seen email encryption take off in the state of Wisconsin. More and more healthcare providers are using Zix Email Encryption, and as a result, sending and receiving encrypted email has never been easier.

A little about Bay Area Medical Center:

  • Located in Northeast Wisconsin
  • 99-bed general acute care hospital
  • Emphasis on heart and vascular care, orthopedics and sports medicine, women’s services, diagnostic radiology, cancer treatment and emergency care

Posted in Email Encryption | Tagged , , , | Leave a comment

Why not encrypt every email? After years of innovation, now you can.

Fun Fact: Today, one million messages are encrypted by Zix on a typical business day. On average, 75 percent of these encrypted messages are sent through Zix Encryption Network to other members.

Earlier this summer we announced the unveiling of Zix Encryption Network (Z.E.N.), a growing community of now more than 10,000 businesses that enables the automatic exchange of encrypted email for all messages between members.

In honor of our growing network, we wanted to bring you even more knowledge with an in-depth eBook surrounding Z.E.N., detailing key milestones and the value of encrypting ALL emails, no matter the content.

In this eBook titled Zix Encryption Network: Years of Innovation Creates the Ultimate Network of Secure Email, you will find detailed sections of information such as:

  • Why Not Encrypt Every Email?
  • Chipping Away the Complexity
  • Automatic Email Encryption
  • A Global Community for Convenience
  • The Final Piece: Scaling to Support All Businesses

Posted in Email Encryption | Tagged , , , | Leave a comment