1 / 9

Agenda – Secure Email Project

Agenda – Secure Email Project. Situation and background Risks Opportunities Evaluation of candidates Security compliance Core requirements Cost analysis Project r ecommendation Asks/Questions/Decisions Next steps User acceptance testing Architecture approval Deployment.

rasul
Download Presentation

Agenda – Secure Email Project

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Agenda – Secure Email Project • Situation and background • Risks • Opportunities • Evaluation of candidates • Security compliance • Core requirements • Cost analysis • Project recommendation • Asks/Questions/Decisions • Next steps • User acceptance testing • Architecture approval • Deployment UCSF Information Technology May 1, 2014

  2. Secure Email Project • Allows email with confidential information to be delivered securely outside of UCSF • Primary users include: • Health Care Providers • Legal Department • Finance Department • Human Resources • UCSF’s secure email system will be end of life and out of compliance on November 14, 2014 • All existing functionality will be replicated in the new system • There is no migration path for the current system; this provides an opportunity to evaluate leaders in the market

  3. UCSF Email Flow SSL External Recipient Secure Email Access Tumbleweed Secure Email UCSF Firewall Vontu Data Loss Prevention Antivirus and SPAM Email Hygiene Email server UCSF Departments/Users To: someone@external.com Subject : Secure: PHI stuff

  4. Gartner - Secure Email Gateway

  5. Five Year TCO

  6. Secure Email Recommendation Cisco IronPort • Lowest TCO for either cloud or on premise solution • Leads Gartner’s Magic Quadrant for secure email gateways • Reduces risk of exposure from compromised accounts • Meets all core requirements • UCSF sender experience remains the same

  7. Asks/Questions/Decisions • Please provide names of a few people who can assist with user acceptance testing. • Is the current Tier 3 classification correct? • System recovery is 5 days, Recovery point is 24 hours • Secure email can be queued for delivery once the system is recovered • Alternative communications would be utilized during an outage • Should external accounts be maintained longer than 1 year? • Secure messages are purged after 60 days • Maintaining external login accounts may increase security risk • Short expiration could lead tohigher volume of calls to the service desk and general dissatisfaction

  8. Next Steps ... User Acceptance Testing • Account creation and navigation of interface • Test sending, receiving, forwarding and recalling Architecture • Validate design and implementation plans Procurement & Deployment • Engage professional services • Produce documentationand appropriate messaging for the user community

  9. Secure Email Timeline

More Related