How a Litigation Support Manager turns Accellion SFTA into a Competitive Advantage that Makes Clients Happy and Attorneys Glad

Summary: While an Accellion survey has shown that 70% of end users still routinely use CD/DVD as their "file transfer" method, the Litigation Support Manager of a major law firm breaks the routine and makes both the clients and internal users happier.

-----
Accellion commissioned a consultancy to conduct a survey. Being the secure file transfer solution provider that we are, I wanted to learn more about what methods companies use to send files to business associates.

Not surprisingly, sending files as email attachments was the most dominant method (74% of all responses). A bit surprising to me, though, is how many companies still burn CDs/DVDs and ship them via courier services - some 70% of the companies in the study said they still employ this method.

(A statistical side note: many of the respondents use multiple methods for file transfer. So, these percentages do not add up to 100%.)

The continuing prevalence of CD/DVD as a data transfer method is not exactly surprising. What these users are saying implicitly is that email is simply unsuitable for sending large files or folders, i.e. to maintain file hierarchy. So end users will turn to the second easiest method. In other words, that means burning files onto a CD/DVD and then shipping it overnight.

Why CD/DVD? Well, it is because a business user can burn a disc without the hassle of getting the IT department involved. Similarly, the recipient does not need to call in IT support to retrieve the files. So what if the process is time consuming and the shipping is costly? That’s just a cost of doing business, right?

Wrong!

I was talking with the Litigation Support Manager at a large law firm who has been using the Accellion SFTA solution. Her team is responsible for converting pertinent documents to PDF format and distributing them to all relevant parties such as clients, outside counsel, and consultants.

Prior to installing the SFTA solution, the Litigation Support team would process the information into PDF format, burn them onto a CD, and then use an overnight shipping service to distribute them. This shipping costs were simply passed on to clients as part of the legal overhead.
The department manager told me the team tried to use email attachments to send the documents, but this wasn’t practical because recipients' email servers routinely reject large attachments. What’s more, there is no simple mechanism to ascertain delivery of the document to the right person without exhaustive phone calls.

After installing Accellion SFTA, the Litigation Support team starts to send files via links to the document(s) in email. The recipient clicks on the URL link and downloads the document. The sender also gets a file download confirmation so that there is no additional tracking required. The whole process now takes minutes between the sender and recipients instead of the usual days, and there are no more of those multiple triage points.

Similarly, non-technical end users, i.e. attorneys, can send files or folders of any size from their own PCs on an ad hoc basis without begging IT for help. (And according to my anonymous high level IT source in another major law firm, IT is equally happy to not have to deal with attorneys who wanted to get the files over "yesterday already".)

So, with Accellion SFTA solution, the company is able to make both users and clients happy by reducing the process time from days to minutes. Furthermore, by eliminating the costs of delivery services as well as the overhead required to handle the physical delivery, the law firm is able to be more responsive while lowering its costs of business for itself and its clients.

The equation is simple:

Because
1. Accellion SFTA = (reduced time, reduced costs)
2. Reduced time = better service to users and clients
3. Reduced costs = lower fees passed on to clients
4. A better (law) firm that makes users and clients happy = Better service + lower fees

Therefore
Accellion SFTA = Better business results

Or, as my logic lecturer would have said, "this is intuitively obvious."

ACA Guy

Integrate Accellion SFTA with Email Client So End Users Do Not Have to Leave Email to Send Large Files Securely

Summary: Integrating Accellion SFTA with your enterprise messaging system makes life very easy for end users and email administrators alike. Steps and sample end user interface below.


-----
If you recall my rambling about Using Exchange/Outlook and Domino/Notes with Accellion Secure File Transfer Appliance, I said that it’s possible to embed an Accellion icon inside the email client so that a user can send an "attachment" via his email and still process the actual transfer through the secure file transfer appliance without clogging up the email server. In other words, this makes the secure file transfer process transparent to the end user.

For those IT admins from Missouri (the Show Me State - for those not familiar with this American colloquialism), the integration process is straightforward for both the end users and the email administrator as described below.

Let’s say your enterprise email environment is Exchange/Outlook and you want to let end users send files from within Outlook like they always do, but still process the transaction through the secure file transfer appliance.

First, you have to buy an SFTA box from Accellion.

Then, the Accellion installation team or the IT administrator would prepare the MSI installers and registry setting which contains the automated instructions for how the SFTA client agent will install on the end users' PCs. Next, the IT administrator would push out the instructions for a controlled roll-out through programs like Microsoft Active Directory Group Policy. The Group Policy program “pings” each desktop and installs the Accellion Outlook agent. So, the key, and only, thing that end users need to do is to make sure that their PCs are turned on and connected to the network. Even the CFO can handle that task without supervision.

The process is similar if your organization uses Lotus Domino and Notes for your enterprise messaging system.



Once the Accellion agent is installed on a user’s desktop, user will notice an extra “A” icon in his email application as shown above. (Outlooks client shown.)


Email administrators can set a threshold size for files that can be sent via email. If a file exceeds that threshold, the file is intercepted and sent via the secure file transfer appliance instead. This can be done automatically, or through a gentle reminder to the end user, telling him to use the file transfer appliance to send large attachments.

How about one-off installations, say for a new employee? In this case, the administrator sends the new user an invitation to install the software. The user clicks on a link to download the installer file, which installs the agent automatically. When the installation is done, the user starts his email client and enters his SFTA account information (same as the email information if AD/LDAP directory integration is used with SFTA). And that’s it.

OK, what if the end user is using a PC that is not configured with the agent? On a public computer, for example. Secure file transfer appliance is always available to authorized users through a web interface. So, even if a user is not at his normal PC, the secure file transfer process is not impeded or compromised in anyway. Or, as an IT director once told me about his end users roll-out, if you know how to use Yahoo Mail, you know how to use Accellion.

By the way, click here to get your SFTA from Accellion.

ACA Guy

Be like Tom Cruise (or Peter Graves) and Get Your Files to Self-Destruct Securely

Summary: Just like the messages that deliver ‘the mission’ to Ethan Hunt or Jim Phelps in the Mission Impossible series, files on the Accellion Secure File Transfer Appliance (SFTA) will ‘self-destruct’ when you say the time is up.

-----
Watching one of the Mission Impossible movies the other day, I got a kick out of how Tom Cruise’s character Ethan Hunt received his mission assignment through a pair of glasses. When he had all the details he needed, he tossed the glasses into the air and they blew up (cool!), preventing anyone else from accessing the vital mission information.

Alas, I am also old enough to recall the original Mission Impossible television series where Peter Graves’ character Jim Phelps received his mission via audio cassette. The tape would fizzle in a puff of smoke to self-destruct (cool!), again to protect the secret information.

This got me thinking about the life of files that are often left to languish in places such as FTP servers and email in-boxes. Unlike the self-destructing messages delivered to the Mission Impossible team, these real-life files hang around forever until someone takes the action to remove them. And the longer the files sit around, the more susceptible they are to prying eyes, including search engines like Google.

While state secrets may not be involved (and, in any case, the secretary shall disavow any knowledge), most business processes and senders would like to ensure that information doesn’t hang around any longer than need be. Accellion SFTA has a lifecycle management feature that allows an administrator to set global default limits for how long files remain on the appliance before they ‘self-destruct.’ Actually, they are merely deleted, so don’t worry about the appliance sending out puffs of smoke or exploding in the data center. Sorry.

Furthermore, while there is a global default, say 30 days, the default time length can be overwritten by an authorized sender. This user can specify whatever length of time he needs to keep the file on the appliance, say, one day or 12 months.

Finally, you wouldn’t want people putting files on the server indefinitely because they might use the appliance as a long-term storage medium. (Great for Accellion because people would need to buy more SFTA boxes, but integrating your Accellion SFTA with you SAN is probably a better ROI for your IT budget.) For this, the SFTA administrator holds the ultimate power of setting the maximum lifespan of files that no user can exceed. This could be an important part of your overall corporate electronic record retention policy.

So, what does this file lifecycle management tool mean? For end users, this means senders do not have to clean up the email attachments. (Don’t you hate when your email system tells you to delete or archive files to free up space? Your SFTA would never do this to you!)

Of course, the person who is most grateful for this lifecycle management feature is the system administrator. If he sets a reasonable global default time for files, and he allows authorized users to override that default as needed, then he is not the bad guy when files are automatically removed from the appliance. Users can’t complain about disappearing files when they know it is company policy to remove files after x number of days, weeks, or months. In addition, the system administrator does not need to spend his time wading through files to determine if they are ripe for removal from the appliance. This process will happen quite naturally and automatically. In short, there’s no impossible mission when it comes to lifecycle management with the Accellion SFTA.

And, the secretary shall never disavow your actions.

ACA Guy

Using SFTA to Manage IT Portfolio to Stay in the Race, Win the Race, and Change the Rules

Summary: Using the concept of IT Portfolio Management, the de rigour enterprise topic of the day, find out how Accellion Secure File Transfer Appliance allows the IT team to stay in the race, win the race, and change the rules.

-----
One of the hottest IT topics for large enterprises is portfolio management. It is the notion of managing IT projects as you would a financial portfolio. Similar to financial instruments of various flavors, some projects are very low risk but provide steady value to the organization while other projects are high-risk/high-return and, if done right, can catapult your business into a higher playing level. The key insight is to manage and balance a collection of IT capabilities like a portfolio so that you take care of immediate needs as well as sowing seeds for the future.

While the concept is fairly intuitive, just like managing financial portfolios, the challenge is knowing how to balance the portfolio with the right amount of “steady/value projects” and “high risk/high return projects.”

A recent article in The McKinsey Quarterly entitled Divide and Conquer: Rethinking IT Strategy” by David Craig and Ranjit Tinaikar (free registration required) provides advice on how to segment the projects in your IT portfolio.

The article classifies IT projects in terms of their value to an organization. The low risk, steady value projects are known as stay in the race projects. These are the kinds of things that you simply must do in order to remain competitive. Enterprise email system would be a banal but obvious example.

The next level of project is called win the race. This kind of project will place you ahead of competitors, at least until they manage to catch up. An example of such a project is a customer service tool that allows a service agent to immediately get a holistic view of a client's history.

Finally, the highest level of IT project is the change the rules type of project where you do business in an entirely different way. The end-to-end integrated inventory control system between Wal-Mart and its vendors that took nearly ten years to develop is a much feted example.

So, to borrow a financial jargon, what is the recommended asset allocation for the IT portfolio? The McKinsey report offers these guidelines for your IT budget:

Stay in the race projects: 30%-60%
Win the race projects: 10%-60%
Change the rules projects: 10%-40%

As the McKinsey report puts it, up to 60% of the IT budget “should focus on maintaining and enhancing basic IT services, including core business applications, systems to meet regulatory demands, e-mail, and Web services. These are low-risk functions necessary for staying in the race.”

Secure file transfer is just such a core application. Be it a security and compliance issue, a global multi-location collaboration and communication issue, or keeping virus and other digital cooties out issue, Accellion SFTA has been field-proven to be one of the favorite tools in the proactive IT's arsenal for meeting the Stay in the race needs.

But what if you want to push the envelope toward winning the race? Can SFTA help you do that as well? [Expletive deleted], Yes! As noted by customers in verticals such as Architecture, Engineering, and Construction (AEC), Healthcare and Research Institutions, and law firms, Accellion offers a solution that allows them to re-align their business processes to better meet customer needs and improve internal efficiencies.

As for the changing the rules capabilities, Accellion will soon offer API libraries that can integrate your secure file transfer processes into other enterprise applications and processes. Similar to the ability to quickly prototype and deliver services for innovative financial products as cited in the McKinsey report, I can already see an explosion of different collaborative processes within an organization and amongst multiple parties that has been nearly impossible before as a result of the API tools.

So, introducing a platform solution that helps to address your Stay in the race, Win the race, and Change the rules needs - Accellion Courier Secure File Transfer Appliance (SFTA). Say, maybe we not charging enough for these boxes...

ACA Guy

Are you Federal Rules of Civil Procedure - Rule 37 section (f) compliant? Accellion SFTA can help

Summary: Have you heard of Federal Rules of Civil Procedure - Rule 37 section (f), FRCP Rule 37(f)? How does it impact your organization's electronic record retention policy and how does Accellion's automated policy based file life cycle management tool help you?

-----
Unless you are a litigation lawyer or legal/IT consultant, you probably aren’t aware that new rules governing the use of electronic records in the federal court went into affect in December of 2006. Specifically, I am talking about Federal Rules of Civil Procedure - Rule 37 section (f), or FRCP Rule 37(f) if you are in the know, which addresses the issue of record retention.

But, before going any further, I do want to give the formal disclaimer: This posting is not to be considered legal advice, and you should seek competent legal counsel for your specific situation.

OK, with that out of the way, let’s get to the heart of the matter. The FRCP are long and detailed, but the one we are most interested in for today is Rule 37(f), which states:

(f) Electronically Stored Information
Absent exceptional circumstances, a court may not impose sanctions under these rules on a party for failing to provide electronically stored information lost as a result of the routine, good-faith operation of an electronic information system.

Don’t you just love legalese?! If your eyes, like mine, glazed over while reading the statement above, have a look at the Companies unprepared to comply with new electronic discovery rules article in Network World, which summarizes the issue nicely from an IT perspective.

What it comes down to is the need to preserve your electronic records, which includes email. How you preserve the records, and for how long, is up to you to decide. What the court is looking for is the fact that your organization has a consistent policy and a routine procedure for keeping and deleting electronic records. In other words, you can’t start to shred electronic records when it looks like you are headed to court like the infamous incident with Enron records at the now defunct Arthur Andersen.

Given that Accellion customers often use secure file transfer appliances as a complement to email attachments, the natural question is what the impact on the retention of attachments is, given the new procedures.

The first thing that you want to think about is what constitutes an electronic record. Is it just the text of an email message? Does it include the attachment? How about the audit trail that tells you who did what, and when? There's no definitive answer, so it's up to your company to set the definition. And, whatever you call a record, the onus is on you to be consistent in the way you define it and treat it.

If you decide to store your attachments as part of your electronic record, Accellion's automated policy-based file life-cycle management control can help. On one extreme, you can decide to keep a file on an SFTA for 10 years. Alternatively, I have heard cases where the retention policy is now moving toward no more than two weeks. Whatever the period, it is a simple setting in the Accellion SFTA. In other words, by using the automated file life-cycle tool for all the users, you are, by default, handling your files in a routine way, which satisfies the needs of FRCP Rule 37(f).

Because the new FRCP Rule 37(f) went into affect a few weeks ago, now is a good time to give serious thought to your retention policies. And, with the automated file life-cycle tool, Accellion SFTA provides a platform tool for an organization to create compliant processes without hiring a new army of administrators to meet the needs of the regulation.

ACA Guy