BlackBerry Cool

“With a normal BES setup, only emails routed through the server or phones could be archived. Using Retain, business can archive text messages, PIN messages, and phone logs for later use”

Hmm not really acurate. Retain is a good product and I’m not knocking it but the logging of txt, pin messages and phone logs is a function of the BES 4.1.4 or later, and does not require retain or other 3rd party applications – simply set your IT policies up appropriately and the data (phone logs or similar) will be logged to a log file on the BES alongside other log files. The nice thing is that it goes and grabs the data from devices – so if you have an incriminating text message from 10 days ago, the BES log will go grab it when the IT policy change has been received by the device and the device has uploaded its data to the bes.

Where Retain really shines is the layer is applies to these logs which includes making these log files easy to interpret, search and with appropriate user permissions. Definately worth having if you have lots of users and already have the IT Policies configured for logging (or have the will to implement it!)

Thanks for your kind comments Bertie Bassett. I would like to clarify a few items you spoke about.
We don’t profess to re-invent the wheel around the entire logging functionality of the BES. In fact we exploit it. Our true value proposition revolves around archiving and auditing securely and without any ability to alter or adjust data at any level.
We have learned that a large number of organizations have had significant issues garnering information from the logs generated by the BES. What Retain delivers is:
• a solution with no interaction at the device level
• securely archived unalterable data
• the opportunity for an organization to meet compliance and eDiscovery requirements quickly and easily
• the ability to provide SMS/PIN functionality and remain compliant.

Also we are being approached by organizations of all sizes. The need to secure data alone, speaks to SMB, Fortune 1000 companies, Government and Education. Therefore we are selling the software to a whole spectrum of companies with a wide range of BB users.

All,

Archiving is only one piece of the compliance game. The recent regulations from FINRA, NASD etc… demands pre-send scan of electronic communication as well as blocking of messages (what they call a “Chinese Wall”) according to presets. Gwava interface for search is great but financial institutions and other strict enterprises will not enable PINs/SMS with Gwava alone!

Thanks for that update Joe.
One premise around compliance that still is in place is that it is impossible for any organization to effectively control 100% of all communications. For instance if the employee is given a laptop or allowed to use a USB flash drive, clearly it will be impossible for any organization to completely prevent inappropriate misuse of these tools.

We don’t profess to be the total compliance solution for PIN/SMS and phone usage data, however we are proud to be part of an organization’s compliance and data security strategy.

Further, our largest and most numerous customers are financial institutions that fall under FINRA, NASD and SOX. The largest requests for our software also come from this vertical. The value props: PIN/SMS is a mandatory business tool and our software is viewed as the tool to enable this.

As a result of your comments Joe, we will now conduct research into the reg’s you speak about. We will determine in more clarity, the significance of these reg’s to the compliance challenge around PIN/SMS and Phone usage data.

I will update this blog as we get more definitive information. We will also be at booth #721 at BlackBerry’s WES where we would be happy to discuss this as well.

Thanks again for your insight.

Just wondering if anything else was found regarding the “Chinese Wall” scenario posted earlier. Working for a financial firm monitoring of all communication has become more and more an issue. The typical practice might be to not allow it but I am positive there are firms larger than mine that do allow it and having the ability to produce the information has been enough to satisfy any NASD, SEC, or FINRA requests.

We are in the process of evaluating a new product from Onset Technology called ACT. I saw their product during WES and they are the only one with actual end point security including the “Chinese Wall”. They do not have any search utility but connects to the current Archive/eDiscovery system.

I am also somewhat disappointed that you were unable to meet GWAVA at WES so we could show you how our software deals with the “Chinese Wall” Issue. We handle this completely at the server level without deploying software to devices. Therefore you can safeguard insider information using our software.

Our solution also allows you to deliver the data to your current archiving solution.

Simply, consideration of dealing with safeguarding insider info should not be be limited to solutions outside of ours.

I would also like to respond to Chris Stogsdill’s comments. We have just signed a major American Bank who falls under NASD, SEC, and FINRA where our solution has met all their compliance/security requirements.

Feel free to contact me any time Chris.

MithchatGWAVA,

I did visit GWAVA at WES and was told RETAIN for Blackberry can’t block PIN2PIN or SMS and can’t do discovery before a message is sent (and received…) but does discovery after the message is sent. IAs a compliance officer I must let you know that this does not comply to the “Chinese Wall” unless the financial firms believes that a singed by the employee written procedure is enough (most financials do not!).

MithchatGWAVA,

I did visit GWAVA at WES and was told RETAIN for Blackberry can’t block PIN2PIN or SMS and can’t do discovery before a message is sent (and received…) but does discovery after the message is sent. IAs a compliance officer I must let you know that this does not comply to the “Chinese Wall” unless the financial firms believes that a singed by the employee written procedure is enough (most financials do not!).