Regulatory Requirements
FaceTime offers a comprehensive suite of solutions that address the challenge of meeting instant messaging regulatory requirements and the security and management of peer-to-peer file sharing, social networking other real-time communications and Web 2.0 applications for a variety of industries. Our solutions enable businesses to simultaneously meet strict IM and electronic communications compliance guidelines, secure application behavior on the network, and manage user policy all while benefiting from the efficiencies of a real-time business.
Government regulators are taking the issue of compliance more seriously then ever before, imposing harsh penalties on those that don't comply - from litigation and massive fines, to in some cases, imprisonment. Read about the myriad of state and federal regulations imposed by the SEC, NASD, NYSE, FDIC, FCC, FERC, HIPAA, MiFID, as well as independent regulating bodies like FINRA and learn how FaceTime solutions help companies ensure compliance for public instant messaging, social networking, and unified communications platforms such as Microsoft Office Communications Server and Lotus Sametime in collaborative, highly-regulated environments.
| Industry |
Regulator/Regulation |
Impact |
| All |
US Federal Courts - Federal Civil Rules of
Procedure #26-35 |
Effective December 1, 2006, this legislation requires
organizations to keep track of these and other electronic records and be able
to produce "electronically stored information" as part of the
e-discovery process. |
Financial Services
(Investment Banks, Broker/Dealers, Mutual Funds, Investment Advisors)
|
Sarbanes Oxley (SOX)
NASD 2210, 3010/3110
SEC 17-a/34
SEC 204-2
NYSE 342, 372, 440
FINRA
|
IM defined as electronic communication "book and
record," required to be logged, audited and archived.
Social media communications need to be supervised, reviewed and retained. |
| Banking |
Sarbanes Oxley (SOX)
NASD 2210, 3010/3110
SB1386 in CA
Gramm Leach Bliley Act (GLB)
USA Patriot Act (USPA)
FDIC
FINRA
|
IM defined as electronic communication "book and record". GLB
requires security of customer information. USPA requires record retention of
suspicious communications associated with money transfer and laundering.
FDIC provides guidance on security and management of IM. Learn more about
commercial banking regulations.
Social media communications need to be supervised, reviewed and retained. |
| Federal Government
|
Department of Defense (DOD)
Federal CIO Council
|
DOD Directive 5015.2 sets standards for records retention,
including IM.
Guidelines for Secure Use of Social Media by Federal Departments and Agencies, v1.0
|
| Life Sciences/ Healthcare
|
Health Insurance Portability and
Accountability Act (HIPAA) |
HIPAA requires retention of patient records during clinical trials
by med/pharma companies and privacy of patient records, including patient
information shared over IM. |
| Energy |
Federal Energy Regulatory Commission (FERC) |
IM defined as electronic communication "book and record". FERC
requires the logging and auditing of transaction-related information. |
| Telecom |
Federal Communications Commission (FCC) |
Extensive record keeping and storage requirements. Supervision and
index of books and records required. |
| Investment Services (Europe) |
Financial Services Authority (FSA) |
Markets in Financial Instruments Directive (MiFID): IM is required
to be recorded when orders are received over this electronic communication
medium. Data must be stored for a three year period in a format readily
accessibly by the FSA, and it must not be possible to alter or manipulate the
records. |
Defense in Depth
Only FaceTime offers a complete Defense in Depth approach for end-to-end
management, security and compliance of IM for regulated companies. The Defense
in Depth approach includes two key components:
IMAuditor
in the LAN to enable user policy management, hygiene (anti-spIM, anti-virus),
regulatory and corporate compliance, archiving and logging, and identity
management.
USG
in the LAN or the corporate DMZ to guard against sophisticated workarounds and
ensure compliant and authorized use.
|