Interview With Bill Ho - Biscom CEO

Interview With Bill Ho - Biscom CEO
Aviva Zacks
Posted: December 16, 2018

Bill Ho is the CEO of Biscom, which provides the world’s most secure messaging solutions for the enterprise environment. A technology leader with a background in software engineering, Bill believes in using tools and data to solve difficult problems – while maintaining the highest standards of cybersecurity.


Safety Detective (SD): Hi Bill and thanks for taking the time to talk to SafetyDetective.com! Tell me a little bit about Biscom, how the company started, and what its mission is.

Bill Ho: We founded Biscom back in 1986.

We created the very first fax server for use in large organizations. Before that, there were fax machines and PCs with embedded fax modems.

We completely revolutionized that segment and built a system to allow really large organizations to centralize and automate their fax traffic, migrating them from ad hoc to a managed service.

Today, faxing has evolved and we’ve evolved along with it to provide workflow automation, secure document delivery, and enhanced security, management, and analytics. We’re continuing to add solutions in that space including our file transfer and document conversion utilities.

Right now, I’m particularly excited about Biscom Transit, which is our secure email and file sharing solution.

SD: How do you feel that online security has changed in the last 20 years? So much has changed since you founded the company.

BH: It has certainly evolved drastically!

I don’t think security was at the top of anybody’s to-do list at the time whereas now companies are fixated on it. The threats today are also very different than they were back then. Certainly, there have always been sectors like healthcare, financial services, and government that have always placed a very strong emphasis on security and privacy, so we’ve been building solutions to meet their needs from early on, but other industries and the enterprise sector got interested in it a little later. So a lot of our initial work was in educating companies that didn’t really have that mindset yet to explain to them why security is pivotal.

Today, you don’t need to explain the basics of why security is important in the same way that you did 10 or 15 years ago. Our conversations these days are more focused on explaining why sending information through more secure delivery methods than email is important.

One thing I would add is that sometimes companies are still thinking in a very reactive mindset to security. Viruses are a perfect example. Some companies only get around to installing proper antivirus protection after they’ve already had an incident. I think we’ll see that change as consequences of infection continue to increase.

SD: Why has security been well-prioritized in government, healthcare and financial services but not to the same extent in other industries?

BH:  A mixture of regulatory and privacy concerns, such as HIPAA in healthcare (the Health Insurance Portability and Accountability Act). These industries are ahead of the curve in terms of understanding the need for safety and security. They naturally gravitate towards solutions like ours. Non-regulated industries follow market forces and customer demand, which can be just as compelling.

SD: Tell me more about Transit.

BH: Transit was an outgrowth from Biscom Secure File Transfer, which we launched back in 2005. SFT was a tool geared for power users to help them send really large or sensitive files. We used the feedback we got from our SFT customers to shape Transit’s development process. The market clearly loved the customization and configurability of the SFT tool but also wanted something that was more lightweight. SFT and Transit complement each other. Power users tend to choose Secure File Transfer while knowledge workers tend to prefer the simplicity of Transit.

But regardless of the user profile, the need for secure file sharing and communication within organizations is definitely there. We sponsored a study on the use of security tools within organizations and found that 75% of people that should be using a secure messaging solution are defaulting to using regular email. They reason that learning the secure tools takes too long, is too complicated, and don’t fear what might happen if they just take the easy option. Transit includes a lot of security features, is GDPR compliant, but to end users it’s no more complicated than email. It’s also enabled us to sell into a very different user market. We’ve traditionally been focused on serving Fortune 500 customers, but Transit has expanded our ability to reach companies of all sizes, particularly those in the 5-5,000 user bracket.

SD: Where do you see Biscom, and the cybersecurity industry, in five years?

BH: Security is essential now.

Enterprise products that don’t have some sort of built-in security are essentially non-runners.

Our target market consists of companies that are really focused on the problem of how to share information securely – which is actually pretty large. Integrations have been an important focus for us. We integrated Transit with Dropbox from the start because we know that Dropbox is used in the corporate world, even if it’s considered a form of shadow IT. So we wanted to find a way to help organizations control their use of it rather than ban it altogether. Now, we’re looking at integrating with other cloud providers like Slack, Salesforce, and other cloud storage offerings.

I’m continually amazed at how many companies are still behind the curve on implementing proper solutions. The Office of Civil Rights is really starting to crack down and collect fines for violating HIPAA whereas before it might have been a slap on the wrist. GDPR is the next big compliance requirement that should be on companies’ radar. I predict we’re going to see massive shifts in security over the next five years and IT security budgets will continue to rise. And I think that every single application out there is going to have to have some built-in security. If they don’t, they simply won’t be up for consideration.