ZSentry: The NMA Solution

Follow-up in Questions»


ZSentry Diagram
This is a technical article on NMA ZSentry, covering regulatory compliance including HIPAA & HITECH Safe Harbor, mobility, functionality and usability. This article is a continuation of the concepts introduced in Communication Convergence.

Communication convergence, including cloud architectures, are fast increasing mobility and functionality. They are also leading to a useful aggregation of gadgets and applications in now common devices such as smartphones and tablets. However, convergence exposes security gaps that militate against the desired mobility, functionality, and aggre­gation.

Conventionally, solving the security gap problem would fall to the providers of the various communication channels (e.g. email, SMS, single-sign-on, voicemail), such as when a server uses SSL to deliver secure content. However, due not only to competitive interests in creating "walled gardens" that are incompatible with each other, but also to the sheer diversity of systems, third-party technologies may need to be incorporated from the end-user side. Alternatively, it may be solely incumbent on the enterprise to extend existing channels to achieve the desired level of security, mobility, and aggregation. Clients and end-users outside the enterprise also add a large diversity in terms of their requirements, devices, and services, none of which are under enterprise control.

These considerations pose some conflicting requirements on architecture, security, and usability, which we address with the NMA solution.

In terms of the NMA solution architecture, because the security gap problem may need to be solved from any side, and also from both sides in some cases, the solution should not be localized at any end-point.

However, we also know that security and communication problems are more effectively solved at the end-points of a communication system. Instead of demanding complete and correct control at every intermediate step, it is usually easier to control the end-points.

In usability terms, we need to take into account that "users abhor changes". Moreover, a secure system that is not usable will be insecurely used, or not at all.

To satisfy these usability, security, and architecture considerations, NMA Inc. developed the Network Middleware Application™ (NMA) technology. NMA is a unique, distributed middleware technology that may be divided in two conceptual parts:
  1. User: (client or server) this part of the NMA middleware is already present in each client and server. For example, the SSL SMTP client interface in Outlook, Google Apps, and Exchange Server.
  2. ZSentry: this part of the NMA middleware is provided by ZSentry and is represented by the ZSentry components shown in the diagram above.
NMA ZSentry can thus be added by any party, including the communication provider, a customer, or an end-user. To assure compatibility with varying provider, customer, and end-user needs, NMA ZSentry uses standard cryptography and provides communication convergence with a regulation compliance model that the customer can customize as needed. For example, while messages and attachments are encrypted per-recipient, they are provided with document, access, delivery, and tracking controls that senders can personalize. Messages can also be sent, read, and stored securely anywhere, anyway, in the phone, tablet, and desktop.

With ZSentry, it is possible to control all needed end-points without changes for the end-users. NMA ZSentry works at each end-point, making adoption an end-user decision while interfacing “in the middle” (in-between the end-points), so that there are no changes for end-users.

In summary, NMA ZSentry lets you do all in regulation compliance, with a phone! Or a tablet, or whatever you and the recipient want to use. Extending smartphones and other devices to smart IT, NMA ZSentry aggregates user services and adds best-in-class usability, while securing services, applications, and devices without changing them.

Everyone is now an expert.

ZSentry takes in the often difficult aspects of communication convergence and regulatory compliance and balances them with a service/platform that creates "instant-on" compliance and convergence, anywhere, anyway. The result is communication convergence that is functional with the usability, mobility, security and privacy needs of both customers and end-users, not adversarial.

ZSentry Works with leading solutions including Outlook, Exchange, Google Apps, iPhone, and Android. ZSentry is also future-compliant because it uses standard-compliant interfaces for basic services (SSL, SMTP, HTTP), while not relying on any particular service. ZSentry has received vibrant user reviews and was selected in the 10 Enterprise Must-Haves by CIO Insight.

The ZSentry solution is as ingenious as it is simple to use. But simplicity can be perplexing. The next sections can help you apply it. You can also Try NowTry Now

NMA ZSentry is a Network Middleware Application™ (NMA) that works as a distributed middleware in the network, without changing the end-points.

Adding NMA ZSentry — Secure, Personalized Convergence

Organizations today would likely see the following main choices of resources for services, devices, software, network, and providers:
Google Apps, Gmail, Yahoo, Outlook, Thunderbird, Apple Mail, iPad, iPhone, Android, Blackberry, Nokia, Internet Explorer, Firefox, Safari, Opera, Exchange Server, email, webmail, SMS, IM, Single-Sign-On, and file storage.
However, in defining a suitable set of resources, the central question for a corporate purchase decision is not about the resources themselves. What matters is the set of capabilities that they can support in common, and how this set matches the business needs of the organization. Organizations, therefore, have to look into what capabilities those resources may have in common, such as:

(a) They are regulatory compliant (e.g., HIPAA, HITECH, ARRA, GLBA)
(b) They work together
(c) They can help reduce online risks
(d) They make it easier to use different devices

Today, however, the only common point between those resources is (e) none of the above.

But option (e) is not helpful. The list of resources above includes leading brands and services and yet many organizations cannot use them due to lack of needed capabilities.

HIPAA compliance, for example, is a mandatory business need in the US and not only in the health-care sector. HIPAA compliance also affects billing, insurance, government, education, and other market segments quite directly. HIPAA is very broad in application and mandates, as an example, that an accountant firm must be HIPAA compliant in order to process patient account data.

In addition, and independently of regulatory requirements such as HIPAA and GLBA, organizations face other barriers in using those resources, such as not working well together, limited functionality, and higher online risks such as password vulnerabilities (likely to happen) and server breach (inevitable).

Adding NMA ZSentry creates a new option: “all of the above and more”

How about changes? Users abhor changes. If there is any consensus in what users want, it is that they want to use their systems without change! Accordingly, ZSentry does not change any resources, including services, devices, software, networks, and providers. There is no change to any user interface. It does not change how email or other Internet protocol works. Nor does it receive email or host email addresses for users. There is nothing to download or install, no plugins or add-ons, no digital certificate to add. There is no POP or IMAP server use, no stored cookies, no ActiveX controls, no Java, Javascript is not required, setup is optional.

For example, you continue to receive email at your usual Inbox, with an email address that you already have, using your Mail client or web browser as before, and with nothing routed through ZSentry.

Then, what does NMA ZSentry do? ZSentry complements the capabilities offered by leading services, devices, software, network, and providers, enabling compatible, usable, secure, regulatory & Safe Harbor compliant solutions in all platforms, with seamless operation.

How is this even possible? We designed NMA ZSentry as a distributed middleware, which is a technical term. It means that ZSentry stays in-between (the “middle” in middleware) what you already have. It works with the message itself, not receiving the message, not at a storage place for the message, and not even in sending the message.

To interface with user applications, ZSentry uses standard processes already available at client and server sides. ZSentry is provided as a service, with Sans Target operation supporting regulatory & Safe Harbor compliance.

Try Now

We offer a range of ZSentry services that you can use with your current on-premise, on-demand and mobile IT solutions without changing them, with no installation or plugins. Click Free Trial for a selection of what is available online, request a free trial, or request help.

Our ZSentry Certified Partners may also provide local and online services for your organization, and help assure regulatory compliance, including HIPAA & HITECH Safe Harbor and mobile devices.

User Requirements & Security

For NMA, usability is the first and foremost requirement of a secure system. That a service is actually usable by users, with no prior training required, is a very important factor to assure compliance to security requirements by all personnel involved.

User requirements and security needs include protecting personal and other sensitive information against inappropriate and unauthorized use and disclosure, whether due to external or internal attacks, while assuring usability.

How about login vulnerabilities and server breaches? It is easy to show that with the ZSentry Sans Target technology the user login can be sufficiently hardened while user data and privacy can be held harmless, even if there is an attempted security breach.

User authentication by ZSentry uses a two-factor strong authentication process with a Usercode / Password digital certificate. This process is a direct replacement for, and resembles, the familiar but deeply flawed username / password user authentication, which largely avoids user education and directly supports usability. ZSentry login is designed to prevent phishing, dictionary attacks (even if a user chooses a weak password), and other vulnerabilities, with no password or username lists stored anywhere, not even encrypted.

ZSentry also uses the Safe Harbor condition to eliminate costly breach notification requirements and fines, with a least requirements strategy that automatically offers “instant-on” compliance with HIPAA, HITECH and other regulations.

These aspects are important particularly for businesses, for which communication convergence must not only offer services that work together. They should also be HIPAA compliant (when needed), Safe Harbor compliant, allay liability concerns, help reduce online fear, make it easier to use different devices, present a uniform user interface and, for easier adoption, reduce change.

Focus on Capability, Extend Resources

By adding ZSentry, communication convergence becomes more effective and can be used to also blur the lines between resources such as services, devices, software, network, and providers. Rather than talk about resources the focus is now on capability, which is what matters for businesses.

With ZSentry, it is also not so relevant anymore where a capability resides or how it emerges and is extended for the user. What matters is that the capability is provided according to the User Requirements that are needed for the operational conditions. For example, if the organization sending protected information is a Covered Entity under HIPAA, it matters whether a user can read it with HIPAA compliance.

ZSentry as a Service

By adding ZSentry, what used to be a software, that needed to be bought, installed, and often updated, can become a service that has no installation and is always up-to-date. A market dominated by a secure corporate email service using proprietary devices tied to a single provider, can be disrupted by a secure corporate-oriented ZSentry service that works in any device and provider, and not just for email.

ZSentry as a Platform

Adding ZSentry facilitates the opening of communication markets to competition and empowers users to find their own desired aggregation of resources including services, devices, software, network, and providers, rather than only using available market packages.

Both aspects facilitate market entry for new products based on ZSentry, seen as a Platform. For example, a developer can use ZSentry as a Platform and third-party resources to build their own service. By using the ZSentry Platform to coalesce other services, devices, software, network, and providers, a developer can then easily provide new functionality, increased security, better mobility, and more usability, much in the same way that ZSentry is used as a Platform for its secure Mail service (ZSentry Mail™ or Zmail™).

ZSentry as a Partner

Adding ZSentry creates new opportunities for partnerships. ZSentry is a complement product to leading IT solutions in all platforms, and can provide more options for a partner's customers while enhancing their product or service.

Because ZSentry is a distributed middleware it does not change or compete with any IT system that it complements. Rather, ZSentry is beneficial to partners and their customers. ZSentry can add security, more connectivity, more productivity, new functionality, mobility, and extend the life of existing IT solutions.

ZSentry has an acclaimed commitment to customers. This commitment extends to partners and their customers. Partners can add the ZSentry Certified partner qualification, providing partners with training and support to make sure that NMA ZSentry solutions are running as their customers need them to run.

ZSentry as Creative Recycling

Information technology creates forward efficiency and... leaves behind waste. There are many US health-care providers still using fax, which is not HIPAA compliant and is personnel-intensive. Telex is still used in many countries. And documents that can be sent digitally certified and secured in a fraction of a second, are still sent quite expensively during what is now a very long overnight delivery, by courier services. Digital information may have to be sent without external but otherwise needed meta-data (e.g., central timestamp), which then has to be added and verified manually, introducing errors and opportunity for fraud. Early obsolescence can also be forced by system changes or limitations, even though the devices themselves perform adequately.

Adding ZSentry can work as creative recycling and help include previous processes (and their benefits) into a modern process, reducing cost, time, and errors. For example, while people may still need to send faxes, they do not have to be received as faxes. A fax machine can automatically reroute faxes securely through an email gateway that adds ZSentry for secure delivery, with no paper required. An email service can add ZSentry, which includes a centralized timestamp service referred to the US NIST atomic clock, and emulate the same business-critical functionality (missing in regular email) provided by telex while also securing the messages end-to-end.

ZSentry as Personalized Convergence

Communication convergence benefits both consumers and business, and increasingly allows real-time, anywhere use. However, users need to make do with whatever convergence level might be available in the market, even at the high-end.

By adding ZSentry, users can personalize the convergence experience. For example, consumers may just want a least-cost combination, while organizations may want to choose a best-of-breed combination of resources that reduces both risk and cost, while reusing investment & promoting revenue. Go to 30+ ideas »


NMA ZSentry provides organizations with regulatory compliance and communication convergence as a service/platform, working with leading solutions in an “all of the above and more” approach.

Easier Market Entry, More Choices for Customers: Adding NMA ZSentry as a service/platform can also help new companies play a role in the process of convergence, where new market players can move in more rapidly with less cost and less barriers to entry, adopting different market models from conventional telecommunication companies and potentially create new markets.

ZSentry adds regulatory compliance, mobility, functionality and usability to your applications without changing them.

Read more: Frequent Questions»
Main Technical Notes
Overview   Key Features   ZSentry App   ZSentry Client   API   Smart IT   SAML & SSO
  Security   Usability   HIPAA & HITECH   Experience   Why ZSentry?   Red Flags   SUMMARY

Development and © by NMA

Titles and product names are trademarks of NMA, Inc. as described in our Legal Statement. We protect Your Privacy.