1. Why does my firm need to archive and monitor e-mails and instant messages? Answer: Archiving provides a fast and easy way for users, compliance officers, auditors, and management to access all e-mails from a single database through an easy-to-use interface. The archive can assist with lost e-mails, audits, and electronic discovery related to lawsuits. In addition, numerous regulations govern the retention of electronic communications.
Surveillance is necessary to mitigate the risk posed by e-mails. E-mails are often the "smoking gun" in lawsuits, so by showing that your company proactively monitored and quarantined e-mails in an effort to prevent harassment, sexual harassment, workplace violence, and regulatory violations, you minimize the risk of being sued. Should a lawsuit against your company occur, you can show a good-faith effort on the company's part to prevent those types of incidents.
2. What are the compliance issues revolving around e-mail? Answer: In addition to SEC rulings, there are different regulations in different industries, such as HIPAA, Sarbanes-Oxley, and Gramm-Leach-Bliley.
SARBANES-OXLEY ACT The Sarbanes-Oxley Act, enacted in July 2002, applies to all public companies in the U.S., creates new data retention policies, and outlaws changing or destroying financial records. Section 404 of SarbOx holds CEOs and CFOs accountable for the accuracy of financial statements.
GRAMM-LEACH-BLILEY ACT Under GLBA, financial institutions, including banks, have a mandate to secure private customer data. They must implement a comprehensive, written information security program with administrative, technical and physical safeguards for customer information. E-mail surveillance helps keep track of those safeguards and allows financial institutions to minimize or eliminate security breaches.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT Under HIPAA, organizations must guard PHI (protected health information) and implement policies and procedures to archive communications between patients and providers. DISC provides an easy to use, scalable, inexpensive way to archive those e-mails.
SEC 17a-4; NASD 3010/3110 These broker-dealer and securities rules cover record retention for securities firms, stock brokerage firms, and any financial institution that deals in the trading of securities of any type. They require archiving of electronic communication to non-rewriteable storage, and require fast retrieval and viewing of the information in the archive. In addition, if you are a Registered Investment Adviser, Section 204 of the Advisers Act of 1940 requires investment advisers to comply with the Investment Advisers Act of 1940 ("Advisers Act") and the rules thereunder, including producing books and records upon the request of the Commission's examination staff. The Commission's examination staff conducts examinations of registered advisers to determine: 1) whether advisers are conducting their activities in accordance with the law and the disclosures made to clients; and 2) whether they have adequate systems and procedures in place to ensure that their operations comply with the law. Archiving e-mails and instant messages allows advisers to show that they have such compliance systems and procedures in place.
USA PATRIOT ACT Banks must implement Customer Identification Programs (CIP) that use "reasonable procedures" to defend against the use of the financial system by terrorist organizations. Banks must now verify new account holders, maintain records, including e-mails, of the information used to verify identity at the time, and screen new customers against a watch list of known and suspected terrorists.
| Regulation | Retention | Penalties |
| --- | --- | --- |
| SEC 17a-3 and 17a-4 | Broker/dealers must retain records for up to 7 years. | Determined on a case-by-case basis. |
| Gramm-Leach-Bliley Act | Companies must ensure security and confidentiality of customer data. | Fines up to $500,000, imprisonment up to 10 years. |
| HIPAA | Members of the health care industry must retain patient information for 6 years. | Fines up to $250,000, imprisonment up to 10 years. |
| Sarbanes-Oxley | Accounting firms that audit publicly traded companies must retain all related documents for 7 years after the audit. | Fines up to $5 million, imprisonment up to 20 years. |
3. Can't we just write all e-mails to CD-ROMs or tapes in the IT department? Answer: Backing up to tape or disk is technically relatively easy to accomplish. But restoring and viewing a single e-mail, or a set of e-mails from or to a specific e-mail address or domain, across many years of data can be nearly impossible. Most backup and restore solutions do not offer file-level retrieval; according to some studies, less than 50% of corporate IT staffs' restore attempts are successful, and e-mails and instant messages add further complexity on top of that.
4. Couldn't we just save e-mails on corporate e-mail servers by adding more storage and performing regular backups? Answer: Backing up an e-mail server, at a given point in time, does not save all of your e-mails. If backups are done nightly, an e-mail that is sent and deleted during the same day will not be backed up. In addition, adding more storage leads to rising costs and increased retrieval difficulty and performance problems for mail servers. If the backups are done on a corporate mail server, they are backed up in a proprietary format and new releases of mail server software and changing mail server vendors will affect the ability to restore the e-mail. Imagine trying to retrieve all documents from a given employee for the past year by loading all of that employee's e-mail from every nightly backup tape.
5. How does DISC help with the problems of storing and retrieving e-mails? Answer: The DISC e-mail & instant messaging compliance solution is an easy to implement, highly scalable, reliable and secure way to ensure long-term storage with on-line, real-time search and retrieval capabilities.
6. What does the customer have to do to set this up? Answer: There is no special software or equipment to install or configure. Your e-mail administrator will work with the DISC team for a few hours to ensure that proper routing of e-mails is established.
7. How do I look at the e-mails I've stored? Answer: Using the DISC web site, via a standard web browser, the user can view or filter e-mails using a set of search criteria. Search results are available on-line within seconds. When the required message is found, the original version, with all of its delivery information and attachments, can be viewed, printed or saved locally. The search function allows flexible search options such as retrieving e-mails across specific date ranges, using wildcard character search to look for specific words within subject lines, and looking for all e-mails from a specific domain (e.g., earthlink.net).
8. How scalable are the services? Answer: The DISC solutions are highly scalable without using up your corporate IT resources. DISC's hosted solution means we scale with your needs allowing your company to avoid large investments in infrastructure to manage anticipated growth.
9. How fast will I be able to retrieve an archived document? Answer: Usually within seconds. Since this is a web-based presentment application, the speed of presentment to the user is affected by the speed of their connection to the Internet.
10. What about the issue of security and the Internet? Answer:
User Security: User access is controlled with user ID and password authentication. Document access is controlled using access filters against specific index values. Unauthorized users are disallowed and flexible password rules can control lockouts. Monitoring software also detects and prevents unauthorized access to the web server.
Data Security: Our web servers use SSL (Secure Sockets Layer), a commonly used protocol for managing the security of message transmission on the Internet using public and private keys and 128-bit encryption technology. Firewalls prevent unauthorized access to the back-end database server and document storage.
Physical Security: Security policies and procedures prohibit unauthorized access to secure areas, covering transport and access operations, network operations and data center operations.
11. How do I pay for this? Answer: DISC offers the solution via a software license, through a hosted service, or via the sale of an appliance which acts as a firewall with the DISC functionality.
For the software licenses there is a monthly fee. For the hosted solutions there is a small set-up fee; after that your company is charged a monthly fee based on the number of users and the total number of GBs stored. For the appliance there is a one-time fee plus an annual maintenance fee.
12. What do I need on my desktop? Answer: To retrieve and view e-mail and instant messages and to access the spam filter you only need an Internet browser.
13. How reliable is your infrastructure? Answer: DISC continually monitors systems and components to ensure the utmost availability for the entire delivery chain. This includes data transport and access, network operations, data center operations, application support and business integration. We have completely redundant infrastructure and carrier access.
14. How will DISC save my firm money? Answer: We recently helped a client who was being audited by the NASD. With several years of data on backup tapes they needed a method of retrieving specific e-mails as the NASD requests came in. Our solution is able to retrieve e-mails for such requests in seconds. This resulted in the client saving thousands of dollars that would otherwise have been spent on labor, equipment and software. Call us and let us show you how we can save your firm money.
15. What types of email are supported with your software? Answer: Exchange, PST, IMAP, POP3. DISC can work with any email systems including Yahoo! Email.
16. How do you minimize data storage utilization? Answer: The DISC solution uses single instance store for all messages and for all parts of the message. The single instance store is at a sub-message level.
17. Can you import old email files into DISC? Answer: We can import files from almost any type of source including databases, tapes, and other email archiving systems.
18. What type of search capabilities do you provide? Answer: Through the DISC search screen you can search by all email fields including headers, to, from, body, attachments, date, etc. You can use inclusive as well as exclusive phrases.
19. Can you exclude a customer's email disclaimer or email footer? Answer: Company disclaimers or footers are easily excluded so as not to flag every email if the disclaimer has a policy violation within it.
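Excluding a known disclaimer before supervisory rules run is what keeps a footer that itself contains a flagged phrase from tripping every message. The following is an added illustration, not DISC's own code: the company footer, the rule set, and the sample messages are all constructed here, and the rules are ordinary regular expressions rather than whatever matching DISC uses. It also handles the footer when it comes back quoted (`> ` prefixed) in a reply, which the FAQ does not discuss.

```python
import re
import textwrap

# Constructed sample: the disclaimer the company appends to every outgoing e-mail.
# Note that it contains the word "guarantee", which a supervisory rule flags.
COMPANY_FOOTER = (
    "This e-mail is intended only for the named recipient. "
    "Past performance is no guarantee of future results. "
    "If you received this message in error, please delete it."
)

# Constructed sample supervisory rules: rule name -> case-insensitive pattern.
POLICY_RULES = {
    "promise-of-results": re.compile(r"\bguarantee[sd]?\b", re.IGNORECASE),
    "risk-free-claim": re.compile(r"\brisk[- ]free\b", re.IGNORECASE),
}


def normalize(text: str) -> str:
    """Drop reply-quote prefixes and collapse whitespace so a footer still
    matches after the mail client re-wraps or quotes it."""
    lines = [re.sub(r"^(>\s?)+", "", line) for line in text.splitlines()]
    return " ".join(" ".join(lines).split())


def strip_footers(body: str, footers) -> str:
    """Remove every occurrence of each known footer from the message text."""
    text = normalize(body)
    for footer in footers:
        text = text.replace(normalize(footer), " ")
    return normalize(text)


def check_policy(body: str, footers=(COMPANY_FOOTER,), rules=POLICY_RULES):
    """Return the names of the rules that match once footers are excluded."""
    reviewed = strip_footers(body, footers)
    return sorted(name for name, rx in rules.items() if rx.search(reviewed))


def check_policy_naive(body: str, rules=POLICY_RULES):
    """Same rules run over the whole body, footer included, for comparison."""
    return sorted(name for name, rx in rules.items() if rx.search(normalize(body)))


# Constructed sample messages.
VIOLATION = "Buy the fund now, I guarantee it doubles by June.\n\n" + COMPANY_FOOTER
CLEAN = "Thanks for meeting today, minutes to follow.\n\n" + COMPANY_FOOTER
# A reply whose quoted section carries the original footer, re-wrapped and "> " prefixed.
CLEAN_REPLY = (
    "Sounds good.\n\n" + COMPANY_FOOTER + "\n\n"
    "> Thanks for meeting today, minutes to follow.\n> \n"
    + "\n".join("> " + line for line in textwrap.wrap(COMPANY_FOOTER, 40))
)


if __name__ == "__main__":
    for label, msg in (("violation", VIOLATION), ("clean", CLEAN), ("clean reply", CLEAN_REPLY)):
        print(f"{label:12s} with footer excluded: {check_policy(msg)}  "
              f"naive: {check_policy_naive(msg)}")
```

The naive check flags every message because of the disclaimer's own wording; the footer-aware check flags only the message whose author actually made the promise.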
20. How do you handle compression? Answer: On top of the single instance storage our software compresses the data allowing our partners and customers, as well as ourselves, to minimize data storage hardware requirements.
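Questions 16 and 20 describe two independent savings: single-instance storage at the sub-message level (one copy of each body or attachment, however many messages carry it) and compression of whatever is stored. The example below is an added illustration of both mechanisms together and is not DISC's code; the content-addressing scheme (SHA-256 digests as blob keys), the zlib compression, and the sample messages are all assumptions made here. Because each blob is keyed by its own hash and never overwritten, the store also gives a simple integrity check on read, which matters for the non-rewriteable retention the regulations in question 2 call for.

```python
import hashlib
import zlib
from dataclasses import dataclass


@dataclass
class Part:
    """One component of a message: the body text or a single attachment."""
    name: str
    data: bytes


class SingleInstanceStore:
    """Sub-message single-instance store: every body and attachment is kept
    once, keyed by its SHA-256 digest, and compressed on the way in."""

    def __init__(self):
        self.blobs = {}      # digest -> zlib-compressed bytes
        self.messages = {}   # message id -> [(part name, digest), ...]
        self.raw_bytes = 0   # bytes received before dedup and compression

    def put_part(self, data: bytes) -> str:
        digest = hashlib.sha256(data).hexdigest()
        self.raw_bytes += len(data)
        # Write-once: an existing blob is never overwritten, so a later
        # message cannot alter what an earlier message referenced.
        if digest not in self.blobs:
            self.blobs[digest] = zlib.compress(data, 9)
        return digest

    def store_message(self, msg_id: str, parts) -> None:
        if msg_id in self.messages:
            raise ValueError(f"message {msg_id} already archived")
        self.messages[msg_id] = [(p.name, self.put_part(p.data)) for p in parts]

    def get_part(self, digest: str) -> bytes:
        data = zlib.decompress(self.blobs[digest])
        # Verify the content address on read: a blob that no longer hashes
        # to its key has been corrupted or tampered with.
        if hashlib.sha256(data).hexdigest() != digest:
            raise ValueError("stored blob failed integrity check")
        return data

    def get_message(self, msg_id: str):
        return [Part(name, self.get_part(d)) for name, d in self.messages[msg_id]]

    def stats(self) -> dict:
        stored = sum(len(b) for b in self.blobs.values())
        return {
            "messages": len(self.messages),
            "unique_blobs": len(self.blobs),
            "raw_bytes": self.raw_bytes,
            "stored_bytes": stored,
        }


# Constructed sample data: one report attached to three different messages.
REPORT = b"Q3 revenue line item ........ 1,000.00\n" * 500
SAMPLE_MESSAGES = {
    "msg-1": [Part("body", b"Hi Bob, the Q3 report is attached. -- Alice"), Part("q3.txt", REPORT)],
    "msg-2": [Part("body", b"Forwarding to compliance for review. -- Bob"), Part("q3.txt", REPORT)],
    "msg-3": [Part("body", b"Received, thanks. -- Carol"), Part("q3.txt", REPORT)],
}


def build_sample_store() -> SingleInstanceStore:
    store = SingleInstanceStore()
    for msg_id, parts in SAMPLE_MESSAGES.items():
        store.store_message(msg_id, parts)
    return store


if __name__ == "__main__":
    s = build_sample_store()
    print(s.stats())
    print(s.get_message("msg-2")[1].data[:40])
```

Three messages carrying the same attachment produce four unique blobs (three distinct bodies plus one report), and the compressed total comes to far less than a single uncompressed copy of the report.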
21. What are you using for Instant Messaging archiving? Answer: We can use Jabber or FaceTime and we hope to have our own technology in the not too distant future.
22. Do you have any APIs or reporting output to drive functions to gather information for reporting purposes? Answer: One of our best features is the reporting tool on the admin interface. We can produce XML, PDF, XLS, CSV, etc. APIs are accessible through Java.
23. Do you scan images? Answer: We can flag any image file and we can create a thumbnail screen to allow the human eye to quickly catch porn or other categories of images. We could put an OCR tool in place to pull text out.
24. Do you scan .wav files? Answer: We do not currently scan .wav files for policy violations; however, we can flag all e-mails with audio files, just as we do with pictures.
25. What type of supervision capability does DISC offer? Answer: We do PRE and POST review. In the pre-review scenario we can quarantine a message or let it pass through. For IM, we can provide supervision only in the post-review situation.
26. How is an administrator notified of a flagged email? Answer: DISC can email the administrator when a message is flagged or the administrator can change the settings so he is only notified once he logs into the web tool.
27. Do you have load balancing? Answer: We have load balancing between the SMTP engine and the proxy servers, and another load balancer in front of the multiple archives.
28. What OS are you using for your hosted solution? Answer: We are using Linux via a modified version of Slackware with the Reiser file system, but the software will run on any operating system that supports a Java runtime environment.
Digital Info Security Co, Inc 11030 Circle Point Road, Suite 100 - Westminster, CO 80020 Tel: 1 (303) 865-8300 Fax: 1 (303) 865-8304 E-mail: support@disecurityco.com
(c) 2005 Digital Info Security Co, Inc. All Rights Reserved.