As more employees began clamoring to use commercial services such as Dropbox and SendThisFile to transmit ever-larger files to clients and partners, Rockland Trust needed a secure and compliant method to meet the demand. "Because we block such commercial sites to meet security, risk and compliance requirements, people were increasingly frustrated," recalls Dave Brown, AVP for information risk and security architecture at the Rockland, Mass., bank.
[BYOD policies are creating new risks as employees use insecure and unapproved consumer storage and file-sharing solutions: Securing Mobile Content: Addressing The DropBox Problem]
By early in 2012 Brown determined he could leverage an existing tool, Biscom (Chelmsford, Mass.) Secure File Transfer as a solution. Rockland ($5.8 billion in total assets) had adopted Biscom in 2008 as a user-friendly solution for select business and IT users to send and receive large encrypted files and, later, received kudos from the FDIC for using Biscom to improve merger tasks. "It's not every day you get props from the FDIC," says Brown.
However, Rockland's original Biscom configuration limited the tool's use. "Our single Biscom server, which also housed the associated Oracle MySQL database, was connected to our firewall," explains Brown. "In addition to residing at the edge of our security perimeter, the system wasn't load balanced and it accessed the Internet via a single connection. With so many single points of failure, we needed to re-architect the system."
Due to other enterprise initiatives, re-engineering the Biscom environment was pushed to early this year, when Rockland began working with Biscom to assemble requirements. "Among other things, we wanted to use Microsoft Active Directory in Window Server 2008 for credentialing," explains Brown. "The original deployment required a separate user name and password."
During the spring of 2013 a new environment for Biscom was engineered, piggybacking on a larger Rockland continuity initiative. "We setup Biscom on an internal application server virtualized with VMware," Brown says. "We also upgraded Biscom to use our new [Microsoft] SQL Server 2008 R2, instead of MySQL. "Plus, we utilized load-balanced front-end application servers to proxy into our internal Biscom server."
Throughout the deployment Rockland tapped Biscom for technical assistance. "We worked with one engineer," says Brown. "His experience demonstrated he had clearly done this type of migration before."
By August 2013 Rockland was ready to cut over. "We carved out a couple of hours during a business day," Brown says. "The migration took place smoothly with only about an hour of disruption to Biscom users."
Besides the desired continuity gains, rewards from the new system include collaboration capabilities. "Biscom has a secure workspace feature," Brown reports. "We've created a workspace for our Board documents, which can be accessed via an iPad app. And, at the end of November, we'll create a segregated space for our FDIC auditors, eliminating the need for auditors to log into our systems."
Moving forward, Brown foresees adopting a Biscom add-in for Microsoft Outlook, enabling users to launch a secure file transfer from within the familiar interface. "We're testing this functionality right now," acknowledges Brown. "We need to address various internal issues before we roll it out."
One issue is licensing. "We currently have 150 sender licenses," says Brown. "A license isn't required to receive files. We have 1,400 registered receivers and that number is growing all the time."
Regardless, Brown anticipates demand will skyrocket as more Rockland teams discover the benefits of Biscom's workspace for ongoing and ad-hoc needs. "We expect receiver accounts to shoot up and are budgeting for double the number of senders in 2014."
Today, what began as a tool for a select few is now a critical point-and-click utility accessed around the clock. "Whenever someone begins using the system I send them instructions," notes Brown. "But they always tell me then never even read them. Senders type who they're sending to, which documents, add any notes and hit go. It's as simple as that."
Institution: Rockland Trust (Rockland, Mass.).
Assets: $5.8 billion.
Business Challenge: Provide end users with a secure tool for sharing and transferring large files.
Solution: Biscom (Chelmsford, Mass.) Secure File Transfer solution.