The Half of the Secure-Faxing Equation Your Customers Are Probably Neglecting

Your financial-industry customers are likely neglecting half of the secure-faxing equation: storage at rest. Here's how to help them enhance the security and regulatory compliance of their business faxes by moving their fax infrastructure to the cloud.

In a previous MSP Mentor post we discussed the substantial revenue opportunity we see for managed service providers like you in helping your customers enhance the security and regulatory compliance of their business faxes by moving their fax infrastructure to the cloud.

In that post, we discussed common vulnerabilities that exist in many businesses’ faxing processes–lack of privacy, chain-of-custody problems with paper faxes and the risk in failing to securely archive old faxes electronically.

It’s worth expanding on that third pitfall–businesses failing to securely store their faxes electronically–particularly for heavily regulated industries such as financial services. For your finance-industry customers, securely archiving and storing their old faxes 24/7 can be a vital step in protecting critical business data, and even in complying with federal regulations.

More to the point: It’s entirely possible your customers are not currently implementing these mission-critical measures, and that creates a real opportunity for you if you have the right cloud fax solution to offer them.

The Half of the Fax-Security Equation That Many Businesses Forget

Most online fax services offer some type of security for faxes in transit–Secure Socket Layer (SSL), for example, which establishes a secure connection over the Internet between fax sender and fax recipient, and then encrypts the data during transmission for good measure. The better services, like eFax Corporate, offer TLS for a higher level of security.

But that transmission journey–although obviously important–represents at most only a few minutes of an online fax’s life. What happens to it then?

If your customer is in the finance industry–say, a brokerage house–and receives a fax from one of its customers (containing personally identifiable information and/or confidential financial data), what the company does with that fax for the long term can make all the difference in whether the data remains secure and the business stays on the right side of SOX and other federal regulations.

That’s the half of the fax-security equation most businesses neglect: the fax at rest, where it may well remain for years or even decades for reasons of record keeping, auditability and legal discovery.

And many online fax services do not offer sufficient security or controls for their cloud-based storage of your old faxes.

What True Stored-Fax Security Entails

So, what does securely storing old faxes mean? Is it enough for your customers to keep them archived in their corporate email accounts, which require passwords to access? Not even close.

True security for your customers’ cloud-based faxes means the online fax service they use stores them on secure servers, in secure offsite data centers, where this mission-critical data is protected 24/7 by:

Storage redundancy (in case of server failure or natural disaster)
Biometric access
Badge requirement
Video surveillance of the facility 24/7/365

Plus, all of the servers that house your customers’ data should be at Tier III or Tier IV colocations, which are highly secure data centers with redundant architecture and servers guaranteeing 99.982% availability.

In our view, anything less than these parameters for fax storage does not offer an adequate level of protection, reliability and regulatory compliance for your finance-industry customers.

How These Fax-Security Measures Affect Compliance

As if the security of their proprietary data weren’t enough reason for your customers to re-examine the security of their fax processes–up to and including what happens to their faxes when they go dormant, into digital storage, for the long-term–these processes also have a direct effect on your finance-industry customers’ compliance with SOX and GLBA.

Compliance with the finance industry’s key regulation–GLBA–demands that businesses put processes in place to protect the privacy of personally identifiable information about a financial institution’s customers. That responsibility extends beyond the need to ensure customer data sent and received by fax, for example, is always transmitted securely (e.g., encrypted).

Even after your finance-industry customer has received by fax, say, a tax form or stock-purchase request from a customer, it has an ongoing responsibility–forever–to keep that customer information confidential.

The best way to achieve this level of regulatory compliance is to put the business’s entire fax infrastructure in the cloud–with no paper that can be left accidentally on a fax machine–and then ensure the digital copy of the fax is stored securely at a compliant offsite data center, where it’s protected 24/7 with redundant security processes.

SOX compliance requires third-party audits of any aspect of publicly traded companies that could affect those companies’ income statements.

When it comes to faxing, if your customer sends or receives documents such as purchase orders, employment offers, timesheets or invoices, those faxes become part of the material that falls under SOX’s third-party audits.

This means your finance-industry customer needs a highly organized process in place for indexing, archiving, storing and then making easily retrievable any such fax document–often on little notice from a third-party auditor. This is one reason a secure solution for online-fax storage is so valuable–indeed, necessary–for businesses in the finance industry and particularly those that are publicly traded.

How You Can Offer Such a Secure-Faxing Solution

eFax Corporate, often complemented by eFax Secure in highly regulated business environments, is entrusted every day as part of the eFax portfolio’s transmission of millions of pages to handle businesses’ sensitive corporate documents in the most heavily regulated industries. Our proven process helps enterprises meet the strictest federal mandates regarding data transfer, tracking and storage.

And this solution is now part of our support-driven, high-touch, lucrative Partner Program. Please visit our eFax Corporate Partner page to learn more.

Peter Ely is Leader, Channels, Enterprise Marketing. Currently responsible for the Enterprise Partner Program for j2 Cloud Services, Peter is a 27-year technology veteran, having held senior executive positions looking after Presales Support, Product Management, Product Marketing and Technical Evangelist teams in the telecommunications and data networking arenas in positions located across two continents and three countries. Guest blogs such as this one are published monthly and are part of MSPmentor’s annual platinum sponsorship.