Compliance Management a High Cost Process
Prudent business practices demand the securing of key digital
assets and the ability to audit the exchange of those assets both within the
company and externally. Increasingly, regulations demand the same thing—and
more. Examples abound.

The Sarbanes-Oxley Act (SOX) requires trading partner certification,
data center validation and information transparency auditing. The Health
Insurance Portability and Accountability Act (HIPAA) insists on the stringent
protection of health information privacy. And Gramm-Leach-Bliley (GLBA) dictates
that the privacy of individuals' financial information must be protected. Add to that the PCI-DSS standard and you
have an issue that increases the cost of IT. This in turn drives the need to be able
to transfer files to a secure location via a Managed File Transfer facility.
An optimal centralized Managed File Transfer facility should offer
the following:
- Security: The Managed File Transfer facility
should secure data within the organization and in transit, protect the privacy
and integrity of consumer data, provide multiple levels of encryption, and
support all common security protocols.
- Central Point of Control: A single solution,
with a single point of control, should manage all file transfer processes for
the entire enterprise.
- Compliance: The Managed File Transfer facility should provide the auditing and control
facilities necessary to meet the requirements of Sarbanes-Oxley 404, internal
auditing standards and the organization's contractual and regulatory
obligations. It does this by providing: identity management; process workflow
automation; an audit trail for all transactions, including a record of who
accessed which documents, when they were accessed, and where they were
accessed; and archives and journals that are readily available whenever needed
to respond to legal issues.
- Visibility, Control and Access: The Managed File
Transfer facility should make all relevant information - structured and
unstructured - easily visible to everyone who needs it, but only to those who
need it.
- Reliability: The Managed File Transfer facility
should provide checkpoint/restart functionality so that transmissions can be
restarted - preferably automatically - should they be interrupted as a result
of an operator error or a hardware, software or network failure.
- Scalability: Your centralized Managed File
Transfer facility must be capable of growing with your business. This includes
supporting all future growth in the number and variety of trading partners,
file sizes, file types and traffic volumes.
- Support: Once a Managed File Transfer solution is adopted, many of your business
processes will succeed or fail based on its success. The Managed File Transfer
facility should, therefore, be a proven solution that is fully supported and
maintained. It must also be upgraded regularly to provide new features and to
support new protocols as they become available.
Disaster Recovery and Business Continuity Back-up Requirements Defined by Janco
Disaster Recovery and Business Continuity require data
consistency with the synchronous replication of data over long distances and/or
journal replication to protect against local and wide-area disasters. This
technology provides other benefits, including:
Maintaining more efficient data currency. Using synchronous
replication over a short distance in a campus or metropolitan area cluster
provides the highest level of data currency without undue impact to application
performance.
Permitting swift recovery. A campus/metropolitan cluster
implementation allows for fast automated failovers after a local area disaster
with minimal to no transaction loss.
Permitting recovery even when a disaster exceeds traditional
regional boundaries. A wide-area disaster could disable both data centers 1 and
2, but with some manual interaction, operations can be shifted to data center 3
and continue after the disaster.
Shifting to staffing outside the disaster area. A wide-area
disaster also affects people located within the disaster area, both
professionally and personally. By moving operations out of the region to a
remotely located recovery data center, operational responsibilities shift to
people not directly affected by the disaster.
Janco has defined a Template with a Backup and Backup
Retention policy that is a complete policy which can be implemented
immediately.
The document is provided in both Word 2003 and Word 2007 format
and is easily modified. This policy is included in the Disaster
Recovery / Business Continuity Template.
Below is a table from the policy.
| Type of Data | Minimal Backup Policy | Backup Retention Policy |
|---|---|---|
| System software | Latest Version plus patches; At Least Weekly | Annual (verified) Backup; Monthly Generations; Weekly Generations |
| Application software | Latest Version plus patches; At Least Weekly | Annual (verified) Backup; Monthly Generations; Weekly Generations |
| System data | Daily | Annual (verified) Backup; Monthly Generations; Weekly Generations; Daily Generations |
| Application Data | Daily with real time transaction files | Annual (verified) Backup; Monthly Generations; Weekly Generations; Daily Generations |
| Software licenses, encryption keys, & Protocol Data | Weekly | Annual (verified) Backup; Monthly Generations; Weekly Generations |
PCI Compliance Is A Top Issue For Many
The PCI standard -- which merges requirements from the Visa Cardholder Information
Security Program (CISP), the MasterCard Site Data Protection (SDP) program, and
other payment vendors -- targets merchants and service providers that store,
process, or transmit cardholder data. Besides stipulations related to network
security, access control, third-party assessment, and vulnerability management,
the PCI Standard requires companies to protect cardholder data and other
sensitive information that they store or transmit across public networks.

If your company accepts a high volume of credit cards, chances are that you have
already felt the sting of PCI requirements. Although you can't entirely avoid
card-related risk and compliance issues, you can lessen their impact by limiting
storage of credit card numbers and reducing the overall scope of the PCI
Standard on your organization.
Metrics Are A Key To Remote Support
- Remote desktop control. Agents can access the customer's
equipment via a secure web connection, and take control, performing functions as
if they were sitting in front of the machine.
- Web chat. Agents may chat with a customer using a Web chat
dialog during the remote control session, freeing up the customer to take a call
or perform other work, with the agent prompting them with the chat dialog when
additional information is required.
- Electronic Collaboration. Leading platforms
offer varying degrees of Web collaboration, ranging from allowing other agents
to join the remote control session to provide assistance to full online
meeting and webcast capabilities.
- Sharing. With screen sharing, the agent can
view the customer's desktop, with an option to allow the customer to view the
agent's desktop as well. This allows agents to walk customers through
procedures they may be struggling to attempt on their own. Other features may
include joint form fill and page push.
- Monitoring. A new feature now available with
some platforms: supervisors can select a remote control session currently in
progress to see how the agent is handling the situation. This is useful for quality
control monitoring, to keep tabs on new agents, or to gauge proficiency with
the remote support technology.
- Log files. Different platforms offer various
diagnostics that can be used to pull complete log files of a customer system
for real-time or historical analysis. Log files typically are sent to the agent
as a text file at the end of the session and attached to the incident in the
case management system.
AT&T Breaks Contract Only Barrier For Wireless Phones
For the first time a major cellular service provider is opting to sell new
wireless phones without a contract. AT&T announced iPhone 3G pricing for new and
existing AT&T customers, along with several attractive voice and data plans
which do not require a long-term contract.

This is a break from the pricing model that is used in the United States and a
move towards the model used in other countries. When Verizon was asked if they
were going to follow and offer a similar plan, they said that they had no plans
at this time to move in that direction but would study the approach.