As a leading provider of supplemental health insurance benefits and financial services to a wide range of employee groups across the United States, this family-run firm focuses on delivering customized programs based on outstanding customer service. That means not just meeting clients’ needs for the timely and reliable exchange of data, but also maintaining the strict security and auditability that regulations require for Personally Identifiable Information.
At the same time, the benefits provider’s employees have a diverse range of file transfer needs, including person-to-person ad hoc file transfer, folder-based file sharing, secure “one-to-many” file distribution, secure file collection and system-to-system scheduled batch file transfers. For example, a user might want to send ten files to ten different customers, all at the same time, with receipt confirmation. To enable high productivity and efficiency, even complex file transfer transactions need to be straightforward for users to execute with minimal training and IT support.
The company switched to MOVEit after struggling with Axway software that quickly proved too difficult to use, especially due to its complex set-up requirements. “It was resource-intensive and expensive to create and manage Perl scripts to drive automation in the legacy solution,” said the MOVEit administrator, a security specialist reporting to the company’s chief information security officer. “Also, the provider claimed PCI and HIPAA compliance certification, but the solution failed to meet our security, compliance and reporting needs even with extensive custom coding and the purchase of multiple add-on modules.”
Recognizing the need for a more secure, reliable and cost-effective file transfer system, a three-person team began evaluating alternatives. “We knew what we wanted and what the other system couldn’t do,” the administrator related. The insurer’s bank was a MOVEit customer and strongly recommended the product on the basis of user-friendliness and solid support. After seeing an online demo that illustrated how easily and cost-effectively MOVEit could meet all their complex requirements, the team quickly recommended purchasing it.
“MOVEit makes it very simple to do complex file transfer operations,” explained the MOVEit administrator. “It meets our requirements out-of-the-box without the need to write and maintain a lot of code.” In fact, MOVEit has proven so easy to manage and use that an entry-level person can now administer it, freeing the skilled security specialist for other work.
Auditing and compliance are crucial concerns for the benefits provider. “It’s absolutely vital that we can prove to recipients that their files arrived in a secure and timely manner,” asserted the administrator. “MOVEit gives us the predictable delivery and comprehensive reporting we need.”
The firm currently uses MOVEit to keep its backend systems in sync with partner and customer systems, such as banking systems. Most such tasks are automated, system-to-system batch file transfers. MOVEit also performs many file transfers within the company’s business units.
Files can contain thousands of names, Social Security Account Numbers (SSANs) and other sensitive information. MOVEit-driven processes must meet HIPAA and Model Audit Rule (MAR) requirements, as well as the insurer’s internal security policies—which include monthly security audits. Data loss would impact the company’s reputation, cost millions in future business and put the CISO’s job in jeopardy, according to the administrator.
The company recently rolled out 700 iPads to field staff, and it is evaluating MOVEit Mobile for secure file transfer to the devices. “Our independent brokers in the field need a way to securely transmit PII (names, SSAN, salary data, etc.) from their mobile devices to our new online system for processing applications,” the administrator stated. “We’re currently testing and playing with using MOVEit to manage file transfers from our field workforce, and are planning to roll out the application next year.”