ZSentry: The NMA SolutionFor general reading click User Q & A >>
This is a technical article on NMA ZSentry, covering regulatory compliance including HIPAA & HITECH Safe Harbor, mobility, functionality and usability. This article is a continuation of the concepts introduced in Communication Convergence.
Communication convergence, including cloud architectures, are fast increasing mobility and functionality. They are also leading to a useful aggregation of gadgets and applications in now common devices such as smartphones and tablets. However, convergence exposes security gaps that militate against the desired mobility, functionality, and aggregation.
Conventionally, solving the security gap problem would fall to the providers of the various communication channels (e.g. email, SMS, single-sign-on, voicemail), such as when a server uses SSL to deliver secure content. However, due not only to competitive interests in creating "walled gardens" that are incompatible with each other, but also to the sheer diversity of systems, third-party technologies may need to be incorporated from the end-user side. Alternatively, it may be solely incumbent on the enterprise to extend existing channels to achieve the desired level of security, mobility, and aggregation. Clients and end-users outside the enterprise also add a large diversity in terms of their requirements, devices, and services, none of which are under enterprise control.
These considerations pose some conflicting requirements on architecture, security, and usability, which we address with the NMA solution.
In terms of the NMA solution architecture, because the security gap problem may need to be solved from any side, and also from both sides in some cases, the solution should not be localized at any end-point.
However, we also know that security and communication problems are more effectively solved at the end-points of a communication system. Instead of demanding complete and correct control at every intermediate step, it is usually easier to control the end-points.
In usability terms, we need to take into account that "users abhor changes". Moreover, a secure system that is not usable will be insecurely used, or not at all.
To satisfy these usability, security, and architecture considerations, NMA Inc. developed the Network Middleware Application™ (NMA) technology. NMA is a unique, distributed middleware technology that may be divided in two conceptual parts:
With ZSentry, it is possible to control all needed end-points without changes for the end-users. NMA ZSentry works at each end-point, making adoption an end-user decision while interfacing “in the middle” (in-between the end-points), so that there are no changes for end-users.
In summary, NMA ZSentry lets you do all in regulation compliance, with a phone! Or a tablet, or whatever you and the recipient want to use. Extending smartphones and other devices to smart IT, NMA ZSentry aggregates user services and adds best-in-class usability, while securing services, applications, and devices without changing them.
Everyone is now an expert.
ZSentry takes in the often difficult aspects of communication convergence and regulatory compliance and balances them with a service/platform that creates "instant-on" compliance and convergence, anywhere, anyway. The result is communication convergence that is functional with the usability, mobility, security and privacy needs of both customers and end-users, not adversarial.
ZSentry Works with leading solutions including Outlook, Exchange, Google Apps, iPhone, and Android. ZSentry is also future-compliant because it uses standard-compliant interfaces for basic services (SSL, SMTP, HTTP), while not relying on any particular service. ZSentry has received vibrant user reviews and was selected in the 10 Enterprise Must-Haves by CIO Insight (2010 © Ziff Davis).
The ZSentry solution is as ingenious as it is simple to use. But simplicity can be perplexing. The next sections can help you apply it. You can also Try Now
Adding NMA ZSentry — Secure, Personalized ConvergenceOrganizations today would likely see the following main choices of resources for services, devices, software, network, and providers:
Google Apps, Gmail, Yahoo, Outlook, Thunderbird, Apple Mail, iPad, iPhone, Android, Blackberry, Nokia, Internet Explorer, Firefox, Safari, Opera, Exchange Server, email, webmail, SMS, IM, Single-Sign-On, and file storage.However, in defining a suitable set of resources, the central question for a corporate purchase decision is not about the resources themselves. What matters is the set of capabilities that they can support in common, and how this set matches the business needs of the organization. Organizations, therefore, have to look into what capabilities those resources may have in common, such as:
(a) They are regulatory compliant (e.g., HIPAA, HITECH, ARRA, GLBA) (b) They work together (c) They can help reduce online risks (d) They make it easier to use different devices
Today, however, the only common point between those resources is (e) none of the above.
But option (e) is not helpful. The list of resources above includes leading brands and services and yet many organizations cannot use them due to lack of needed capabilities.
HIPAA compliance, for example, is a mandatory business need in the US and not only in the health-care sector. HIPAA compliance also affects billing, insurance, government, education, and other market segments quite directly. HIPAA is very broad in application and mandates, as an example, that an accountant firm must be HIPAA compliant in order to process patient account data.
In addition, and independently of regulatory requirements such as HIPAA and GLBA, organizations face other barriers in using those resources, such as not working well together, limited functionality, and higher online risks such as password vulnerabilities (likely to happen) and server breach (inevitable).
Adding NMA ZSentry creates a new option: “all of the above and more”
For example, you continue to receive email at your usual Inbox, with an email address that you already have, using your Mail client or web browser as before, and with nothing routed through ZSentry.
Then, what does NMA ZSentry do? ZSentry complements the capabilities offered by leading services, devices, software, network, and providers, enabling compatible, usable, secure, regulatory & Safe Harbor compliant solutions in all platforms, with seamless operation.
How is this even possible? We designed NMA ZSentry as a distributed middleware, which is a technical term. It means that ZSentry stays in-between (the “middle” in middleware) what you already have. It works with the message itself, not receiving the message, not at a storage place for the message, and not even in sending the message.
To interface with user applications, ZSentry uses standard processes already available at client and server sides. ZSentry is provided as a service, with Sans Target operation supporting regulatory & Safe Harbor compliance.
Try NowWe offer a range of ZSentry services that you can use with your current on-premise, on-demand and mobile IT solutions without changing them, with no installation or plugins. Click Free Trial for a selection of what is available online, request a free trial, or request help.
Our ZSentry Certified Partners may also provide local and online support & setup services for your organization, and help assure regulatory compliance, including HIPAA & HITECH Safe Harbor and mobile devices.
User Requirements & SecurityFor NMA, usability is the first and foremost requirement of a secure system. That a service is actually usable by users, with no prior training required, is a very important factor to assure compliance to security requirements by all personnel involved.
User requirements and security needs include protecting personal and other sensitive information against inappropriate and unauthorized use and disclosure, whether due to external or internal attacks, while assuring usability.
How about login vulnerabilities and server breaches? It is easy to show that with the ZSentry Sans Target technology the user login can be sufficiently hardened while user data and privacy can be held harmless, even if there is an attempted security breach.
User authentication by ZSentry uses a two-factor strong authentication process with a Usercode / Password digital certificate. This process is a direct replacement for, and resembles, the familiar but deeply flawed username / password user authentication, which largely avoids user education and directly supports usability. ZSentry login is designed to prevent phishing, dictionary attacks (even if a user chooses a weak password), and other vulnerabilities, with no password or username lists stored anywhere, not even encrypted.
ZSentry also uses the Safe Harbor condition to eliminate costly breach notification requirements and fines, with a least requirements strategy that automatically offers “instant-on” compliance with HIPAA, HITECH and other regulations.
These aspects are important particularly for businesses, for which communication convergence must not only offer services that work together. They should also be HIPAA compliant (when needed), Safe Harbor compliant, allay liability concerns, help reduce online fear, make it easier to use different devices, present a uniform user interface and, for easier adoption, reduce change.
Focus on Capability, Extend ResourcesBy adding ZSentry, communication convergence becomes more effective and can be used to also blur the lines between resources such as services, devices, software, network, and providers. Rather than talk about resources the focus is now on capability, which is what matters for businesses.
With ZSentry, it is also not so relevant anymore where a capability resides or how it emerges and is extended for the user. What matters is that the capability is provided according to the User Requirements that are needed for the operational conditions. For example, if the organization sending protected information is a Covered Entity under HIPAA, it matters whether a user can read it with HIPAA compliance.
ZSentry as a Service
By adding ZSentry, what used to be a software, that needed to be bought, installed, and often updated, can become a service that has no installation and is always up-to-date. A market dominated by a secure corporate email service using proprietary devices tied to a single provider, can be disrupted by a secure corporate-oriented ZSentry service that works in any device and provider, and not just for email.
ZSentry as a Platform
Adding ZSentry facilitates the opening of communication markets to competition and empowers users to find their own desired aggregation of resources including services, devices, software, network, and providers, rather than only using available market packages.
Both aspects facilitate market entry for new products based on ZSentry, seen as a Platform. For example, a developer can use ZSentry as a Platform and third-party resources to build their own service. By using the ZSentry Platform to coalesce other services, devices, software, network, and providers, a developer can then easily provide new functionality, increased security, better mobility, and more usability, much in the same way that ZSentry is used as a Platform for its secure Mail service (ZSentry Mail™ or Zmail™).
ZSentry as a Partner
Adding ZSentry creates new opportunities for partnerships. ZSentry is a complement product to leading IT solutions in all platforms, and can provide more options for a partner's customers while enhancing their product or service.
Because ZSentry is a distributed middleware it does not change or compete with any IT system that it complements. Rather, ZSentry is beneficial to partners and their customers. ZSentry can add security, more connectivity, more productivity, new functionality, mobility, and extend the life of existing IT solutions.
ZSentry has an acclaimed commitment to customers. This commitment extends to partners and their customers. Partners can add the ZSentry Certified partner qualification, providing partners with training and support to make sure that NMA ZSentry solutions are running as their customers need them to run.
ZSentry as Creative Recycling
Information technology creates forward efficiency and... leaves behind waste. There are many US health-care providers still using fax, which is not HIPAA compliant and is personnel-intensive. Telex is still used in many countries. And documents that can be sent digitally certified and secured in a fraction of a second, are still sent quite expensively during what is now a very long overnight delivery, by courier services. Digital information may have to be sent without external but otherwise needed meta-data (e.g., central timestamp), which then has to be added and verified manually, introducing errors and opportunity for fraud. Early obsolescence can also be forced by system changes or limitations, even though the devices themselves perform adequately.
Adding ZSentry can work as creative recycling and help include previous processes (and their benefits) into a modern process, reducing cost, time, and errors. For example, while people may still need to send faxes, they do not have to be received as faxes. A fax machine can automatically reroute faxes securely through an email gateway that adds ZSentry for secure delivery, with no paper required. An email service can add ZSentry, which includes a centralized timestamp service referred to the US NIST atomic clock, and emulate the same business-critical functionality (missing in regular email) provided by telex while also securing the messages end-to-end.
ZSentry as Personalized Convergence
Communication convergence benefits both consumers and business, and increasingly allows real-time, anywhere use. However, users need to make do with whatever convergence level might be available in the market, even at the high-end.
By adding ZSentry, users can personalize the convergence experience. For example, consumers may just want a least-cost combination, while organizations may want to choose a best-of-breed combination of resources that reduces both risk and cost, while reusing investment & promoting revenue. Go to 30+ ideas >>
SummaryNMA ZSentry provides organizations with regulatory compliance and communication convergence as a service/platform, working with leading solutions in an “all of the above and more” approach.
Easier Market Entry, More Choices for Customers: Adding NMA ZSentry as a service/platform can also help new companies play a role in the process of convergence, where new market players can move in more rapidly with less cost and less barriers to entry, adopting different market models from conventional telecommunication companies and potentially create new markets.
Read more: Frequent Questions >>
|Main Technical Notes|