Your Checklist for User Security

Stay Secure in Highly Regulated Industries

Today, privacy and security requirements are mandated by many industries and governments to better protect personal, financial, and healthcare information. Organizations have confidential data that needs to be protected, including HR files, intellectual property, agreements and contracts, financial records, and other corporate information, especially when it is being shared with others.

Many still rely on legacy FTP servers and email to share information and files. But these methods are neither secure nor user-friendly. For those that must adhere to HIPAA, SOX, FERPA, or GDPR, the risk of a breach in security can be costly. The same is true for other businesses that just want to make sure confidential company information is kept safe from those who would exploit it, and to ensure GDPR compliance to maintain the privacy of vital business information.

Two Considerations That Must Be Part of Your Solution

  • Usability defines a good security solution
  • Multi-tenant for maximum security

 


Usability Defines a Good Security Solution

Employee behavior is always a top concern for IT leaders. In a recent nationwide survey conducted by Biscom, 75% of employees confirmed CIO concerns when they admitted to sending private and confidential information via insecure methods due to convenience. Biscom Transit, with its familiar email interface, was designed with ease of use in mind. Focusing on usability mitigates the risk of employees making a choice for convenience rather than security.

Multi-tenant is Key to Maximum Security

Data commingling is common in cloud applications. Multi-tenant applications physically separate each customer’s instance of the application, including where data is stored. This separation makes it nearly impossible to accidentally view another customer’s files or messages – which is a significant benefit for customers.

It’s also important to consider how your data is managed. Can a vendor’s administrators see your files? Do they have access, and is there anything set up to control access? Certain process certifications, such as SSAE 18 (formerly SAS 70) and SOC 2, can help provide some comfort for businesses. These audits ensure vendor attestations are valid and that the vendor is following proper procedures and operations, reducing the internal risk of improper data exposure.

Using traditional email security solutions, you’re dependent on user awareness. With user security features and ease of use, your information, data, and passwords remain safe.

 

 

User Security Checklist

Data Security

FIPS 140-2 AES 256-bit encryption – Required for Federal Government agencies, and helpful to all who care about the most secure encryption available

Multi-tenant – Each customer has its own cloud “space” not shared with any other customer

Pseudonymization (obfuscation) – Disassociate files from owners for GDPR compliance

No data commingling – Eliminate the risk that data can be “accidentally” viewed by someone else

Uploads and downloads automatically scanned for viruses and malware

Compliance and Governance

Full audit logging with transaction reports 

Role-based access 

Unique compliance role for significant insight and governance to the organization 

Helps meet compliance requirements for HIPAA, SOX, FERPA, and GDPR 

User Security

Multi-factor authentication

Internal and external user roles

Full auditing capabilities

Integrated with Microsoft Active Directory

Network Security

Total protection for data in transit

All files are transferred over secure HTTPS connection

TLS 1.2 2048-bit encryption in transit

Regular penetration testing

Administrative Oversight 

Tracking and reporting

Audit and compliance monitoring

Role-based access

Ability to automatically expire access

Real-time dashboard for user activity, storage quotas, and licensing
