OpenText Fax & Document Distribution Group

At this year’s OpenText Global Fax Summit, Senior Product Manager Geoff Anderson and Senior Director of R&D, Treber Rebert, presented “The OpenText Fax Solutions Roadmap” to a room packed full of customers, partners and OTFDDG employees.  They focused on the future without forgetting the past: not only have we improved our long standing flagship product (23 releases in 25 years) but, perhaps for the first time in our history, are well on the way to paving the road to providing new products and new features only one month after a major release.  Despite releasing RightFax 10 a little over a month ago we already have an SR near ready to be released and new features able to be demonstrated. 

A few key highlight are: support for IE 9 (due out in RF 10 SR1 in the coming days), a cleanup of the RF Certified Delivery web UI, demonstration of image enhancement features (using the world class OCR technology included in RightFax from the Open Text Document Capture group) along with a new hierarchical file structure for image storage. 

The highlight of the product demonstration was a new cutting edge transfer technology that will allow registered RightFax customers to transfer files at 10 to 100 times their current faxing speed.  Imagine a world where secure traceable file transfer is as ubiquitous and easy to use as current day fax—that world is not far off.  Though there was clapping and positive comments for a variety of the features that Geoff presented it was this feature, code named ORCA, that really brought down the house and generated question after question.  Proof that the OpenText Fax and Document Distribution group continues to bring “Fax Goodness” to our customers current and future. 

 For more information on RightFax 10 visit the OpenText Fax and Document Distribution web site at: http://faxsolutions.opentext.com/rightfax-10-whats-new.aspx

PCI, what is it, how do we support it with RightFax? I’ve seen customers, internal and external; ask this question several times over the last couple months.

Well, it could be an acronym for the Precast Concrete Institute, but in this context it’s not (unless maybe they are a customer of ours). It could be the Peripheral Component Interconnect standard for local bus connectivity, but in this case it’s not (though this is relevant for RightFax due to the Fax Boards we use).

Instead, PCI is the Payment Card Industry (think debit and credit cards) and we are getting asked about this due to the Payment Card Industry Data Security Standard (PCI DSS). In October of this year (2010) the PCI Security Standards Council, a global, open industry standards body for this topic, released version 2.0 of the PCI DSS which becomes effective January 1, 2011.

Why is this relevant to RightFax you say? Well, as it happens, PCI DSS applies to companies that process and store sensitive payment card information such as the primary account number, cardholder name, expiration date and service code. Many companies that process and store this type of data are using fax for at least some part of this. When these customers are using RightFax for part of this business process the fax images stored by the RightFax server may contain this sensitive payment card information and fall under the requirements for storage under PCI DSS.

How do we comply with this requirement? Well, in one case, since the requirement for the customer was to get the fax images into an encrypted storage location we engaged our professional services team to develop a solution using the Open Text Document Server, Alchemy Edition to store the faxes in encrypted format using the Alchemy Database Encryption Module. This would meet the storage requirements in the PCI DSS guidelines and still provide employee access to the faxes via an Alchemy client.

If you are in the process of assessing your annual PCI compliance, or needing to understand better how to ensure Open RightFax be compliant with the new PCI DSS v2.0 standard (effective January 1^st 2011); please consult with Open Text Professional Services as soon as possible. Our consultants will work with you to understand your specific business needs and compliance requirements in relation to your RightFax implementation. This includes the option of extending your RightFax system with our Document Server connector and Database Encryption Module. Have you run into a PCI implementation requirement? How did you handle it? For more information on PCI DSS and other payment card industry security standards go to https://www.pcisecuritystandards.org/ .