If you're responsible for implementing MultiLine across your organization, this guide is for you. In this guide, you'll find best practices and example approaches from companies that have already started their implementation journey with MultiLine.
As with any software implementation, rolling out MultiLine is as much about change management as it is technology deployment. For that reason, we've focused on how to engage, educate, and win the support of end users and key business stakeholders.
Our goal is to help you achieve a successful MultiLine rollout with maximum user adoption and business value.
Enable reliable, compliant mobile communications from anywhere with MultiLine
MultiLine ensures reliable, compliant client communications for remote employees, including financial advisors, wealth managers, investment bankers, brokers, traders and other customer-facing roles.
The software-based service includes:
- Mobile and Desktop apps to call and message
- Management Portal
- administrative tools for fast, over-the-air provisioning
- centralized storage of data for regulatory reporting
- Optional compliance features, such as call and message recording, automating consent to message, and more
Mobilizing an office-based solution for home use is tricky. MultiLine overcomes the limitations of stopgap approaches to communicating with clients. Organizations can achieve compliance and business continuity during the current crisis—and beyond.
We Promise:
A rapid rollout
- Deploy to 1,000s in days
- Users up and running in minutes
- Everything online and over-the-air
Rock solid reliability
- Works on any mobile device
- Works in any home environment
- Works around the world
Gap-free compliance
- Capture in- and outbound voice and text
- No user action to record
- Central storage and surveillance
We need you to:
Quantify Mobile Usage
Start with a clear understanding of the size and cost of maintaining your corporate mobile estate. In addition, collect monthly usage statistics for mobile data and calls. These figures are important inputs to your rollout strategy and business case.
Devise An Engagement Plan
Prepare a plan to build awareness and acceptance for MultiLine. Expect to engage a variety of stakeholders—business and IT executives, HR, Legal, Compliance, and end users—to ensure a smooth implementation.
Establish Success Metrics
Define how you will measure success given the objectives for your MultiLine deployment. Common metrics include number of activated users, number of corporate devices retired, and user satisfaction scores.
Roll Out In Phases
Onboard new users in phases to mitigate risk, build internal capabilities, and prove the value of MultiLine to the business. Early successes will generate the positive word of mouth that builds momentum for your rollout.
“MultiLine was a lifesaver.” Global Head of Enterprise Mobile
Mobilizing employees can be expensive. MultiLine can help you contain mobility costs by enabling or accelerating a shift to BYOD. If that’s part of your business case, be sure to consider these expenses when calculating your savings:
- Device purchase
- Device insurance
- Device provisioning
- Device replacement
- Service contract
- SIM contract
- Recording technology
- Maintenance and support
Customer Savings With MultiLine
A global bank expects to avoid more than $13 million in costs by using MultiLine to encourage BYOD adoption. The move eliminates the need to replace thousands of legacy corporate devices.
Template to calculate savings
| a. | Number of corporate devices in your fleet | |
| b. | Number of devices that need to be replaced in the next 12-24 months | |
| Device Costs | ||
| c. | Cost to purchase device | |
| d. | Cost to provision device | |
| e. | Cost to insure device | |
| f. | Overhead costs per device (support, repair, maintenance, etc) | |
| g. | Total costs per device (c + d + e + f) | |
| Cost Avoidance for Devices | ||
| h. | Total costs per device x number of devices that need to be replaced (g x b) | |
| Service Costs | ||
| i. | Cost of mobile service per user per month | |
| j. | Cost of mobile recording per user month (if needed) | |
| k. | Total service costs per user per month (i + j) | |
| l. | Cost of MultiLine Service per user per month | |
| m. | Savings on service costs per user per month (k - l) | |
| Total Savings on Service Costs | ||
| n. | Savings on service cost per user per month x number of devices that need to be replaced (m x b) | |
| o. | Annual savings on service costs (12 x n) |
Most MultiLine customers build a business case for the service based on one or more of these primary drivers of business value. The benefits of MultiLine to your organization will depend on multiple factors, including how you plan to deploy the service as well as your current mobility strategy and expenditures.
1. Cost savings - Save by retiring expensive corporate mobile phones and shifting to an attractive, cost-efficient BYOD program
2. Customer engagement - Better serve customers by meeting their demands for fast, convenient mobile communications
3. Control - Protect valuable business relationships and information when employees leave or change roles
4. Compliance -Ensure auditable compliance with regulations covering business communications on mobile devices
Endorsement from senior business leaders and alignment with key functional areas pave the way for a successful MultiLine rollout.
- Educate and ease concerns
- Demo the app for users and executives and give them the opportunity to ask questions. Our Customer Success Team is ready to provide the answers; and help.moviuscorp.com is a great resource for self-guided learning.
- We offer a helpful Infographic: Business Continuity with MultiLine
- Make sure to get senior IT and business unit leaders, as well as the heads of HR, Compliance, and Legal on board.
- Explain the Cost Savings (See Cost Savings calculator below)
Getting your technical team excited
Successful MultiLine rollouts are driven by an implementation plan with clear objectives, a strategy for engaging stakeholders, and a timeline for onboarding user groups.
MultiLine is a software-based solution that makes life easier for the people who support your mobile users and devices. Administrators have a simple, web-based portal to manage your deployment.
1. Convenience
Assign—and reclaim—numbers in seconds over the air.
2. Control
Adjust settings and features by users or departments.
3. Insight
Track mobile usage across your organization in real time.
4. Security
Secure the MultiLine app with an existing MDM or EMM like BlackBerry UEM or Microsoft Intune.
MultiLine is often deployed as part of a new or expanded BYOD program. When that’s the case, your rollout plan should include educating functional stakeholders about the service, since this shift typically requires a few internal policy decisions. The contributions and support of functional leaders are a must for operational readiness and will help pave the way for a smooth introduction to end users.
Ensure Alignment On HR
- They'll ensure the best employee participation and rollout
- They'll consider the impact on reimbursement and expense policies
Security and Compliance
- They'll ensure your deployment meets your security and regulatory policies.
Finance
- They'll verify the financial business case and get onboarded to the internal billing process
Legal
- They'll ensure we take care of Tax implications and Legal liabilities
Procurement
- They'll need to phase out existing carrier contracts
Rollout Considerations
The user groups you choose for each phase of your roll-out depends on the type of roll-out.
Examples:
BYOD Use Case
- Consider replacing the oldest devices first, or deploy to the organization that has the largest number of end users
Regulatory Compliance Use Case
- Consider deploying to the location that is under the most regulatory compliance pressure
Multi-Location
- Consider deploying based on the largest number of end users, or which would be easiest to support.
User Groups
- Consider deploying based on most enthusiastic department first
Define Success Metrics
Define how you will measure success given the objectives for your MultiLine deployment.
Common metrics include number of activated users, number of corporate devices retired, and user satisfaction scores.
For tracking your activated users, you'll find instructions for Management Portal Reports highly instrumental.
Here are some important considerations when planning a global rollout strategy that delivers early wins and maximum business value.
Local Regulatory Environment
The laws and regulations for mobile communications vary by country (and even some U.S. states). Make sure you understand the local regulations concerning the use of personal devices in the workplace, the recording of mobile communications, and the protection and privacy of personal data.
Local Company Policies
Expect to engage functional teams at a country or regional level. Areas to address include local HR policies (especially for BYOD), local compliance standards and approvals, and local legal and tax considerations.
MultiLine Service
MultiLine is currently available in countries in North America, Europe, and Asia. Movius and our partners can confirm the availability of local mobile numbers in the countries you’d like to deploy or will work closely with you on a timeline to meet your geographic requirements.
Key Decisions Checklist
☐ Number of users and their roles
☐ In which countries will your firm need to deploy?
☐ Will numbers need to be ported from an existing mobile or desk phone? If so, how many?
☐ What channels need to be archived? (calls, texts, or both)
☐ What is the target launch date?
☐ Is there a desire to launch all users at once or have a phased launch?
☐ Identify Project Sponsor and Administrator roles
How disruptive will this rollout be to our operations?
We chose MultiLine because it’s easy to deploy and simple to use. Most new users can call or text within minutes of downloading the app, with little or no training. After that, the product will fit seamlessly into your workflows.
What about the security of our business data?
All business contacts and communications are separate and secure, even on an employee’s personal phone. MultiLine encrypts voice and text messages, and only very basic call information is stored on the device. We will secure the MultiLine app with the same software we use to protect the data in other enterprise mobile apps, and we can delete the app from an employee’s personal phone in seconds.
Does MultiLine work with our existing MDM?
Yes, MultiLine is designed to work with your existing MDM. We have specially integrated versions of the app for BlackBerry Dynamics and Microsoft Intune, but the applications are also compatible with any other MDM or EMM.
What about employees whose mobile communications need to be recorded for regulatory purposes?
Yes, we support recording mobile communications for regulatory purposes.
For both calling and messaging, you can define which organizations need their calls and messages recorded, and which do not. You can choose to record both calls and messaging, or only calling or messaging. Movius can also configure features such as a call announcement stating "Your call is being recorded" and periodic beep, to meet the requirements of your local legislation. We offer many options for securely transferring the communications to your compliance archive.
The benefit of using MultiLine is that you'll only be capturing the data of business calls and messages made using MultiLine. This protects the privacy of employees and helps them be at ease with a BYOD mobile phone policy. We have information available to share with your users about their privacy in our Privacy FAQ.
How will this impact employees’ monthly mobile bill?
We anticipate that there will be little or no change to the monthly mobile phone bill of most employees. First, most mobility plans include unlimited text and voice calling—so no extra costs there. Second, MultiLine supports text, voice, and data on Wi-Fi networks—so that’s free. Third, even for people with tiered data plans, the average data usage for MultiLine is only 100MB per month, which isn’t likely to push anyone over the typical 3 - 4 GB monthly limit.
Note:
- Check out your usage statistics collected from your corporate mobile estate. For example, one organization determined that 82% of all corporate device users used less than .5GB of data per month—and that’s for all enterprise mobile apps and communications.
- You can address cost concerns by offering employees a monthly stipend or reimbursing employees for unusual expenses, such as when roaming.
Does MultiLine support TCPA Opt-In/Opt-Out?
Yes. We understand that in highly regulated industries – there are often requirements to capture client opt-in or for the client to enroll in order to text with their advisor.
MultiLine renders this process easy, texting enrollment is built-in with our Opt-In feature. It’s a simple process. When the advisor first texts a client – the client will receive a message which allows them to either opt-in to texting by replying “YES” or decline the invitation by replying “STOP” to the text conversation. When they reply “YES” – both the advisor and the client receive an auto-generated message informing of the client’s decision – and this message is recorded in the Portal/Archival System/Salesforce – for easy compliance verification. At this point – the conversation can resume as it normally might.
Does MultiLine comply with GDPR Regulations?
Yes. Movius meets the imperatives of GDPR, including privacy by design, explicit consent, data breach notification, and subject access rights.
The Movius MultiLine solution clearly separates personal and business calls and texts in a transparent and auditable way. The platform can demonstrate the necessary degrees of separation required to meet the privacy by design imperative of GDPR. By separating the personal and business communications on a single device, MultiLine can enable compliance standards at a low cost of regulatory oversight and organization can feel confident that they are not in breach of GDPR regulations.
Does MultiLine comply with SOC 2 requirements?
All MultiLine data is encrypted both in transit and at rest, and meets all SOC 2 compliance requirements. Additionally, a security pin can be enabled within the settings of the app, forcing users to enter a pin prior to launching the application.
All business contacts and communications are completely separate and secure, even on an employee’s personal phone. MultiLine encrypts voice and text messages, and only very basic call information is stored on the device. The MultiLine app is secured with the same software used to protect the data in other enterprise mobile apps, and the app can be deleted from an employee’s personal phone in seconds.
Is MultiLine suitable for HIPPA compliance?
Yes, MultiLine provides HIPAA-compliant texting and calling through a separate mobile phone number, allowing secure communication between caregivers and patients.
- Capture patient consent from text messages through an automated workflow. All patient consent is captured and available as a report in the Management Portal.
- Identify PHI related keywords and information to redact or block completely from being shared in text messages.
- Secure communication of PHI between caregivers and patients, with Cloud Data Storage that is HITECH and HIPAA Certified. All communication data is TLS 256-bit AES encrypted at rest and in transit.
Is MultiLine suitable for FINRA and SEC compliance?
Yes. Despite firms’ resistance to monitoring text communications, the reality is the Securities and Exchange Commission (SEC) and Financial Industry Regulatory Authority (FINRA) require that electronic communications used for business purposes are archived and supervised—including text messages.
Key points from the Notice include:
- Recordkeeping: Firms are reminded of their obligation to keep records of business communications under SEC Rule 17a-4(b)(4). Also, firms must train and educate their advisors regarding the distinction between business and personal communications, and the requirements to retain, supervise, and produce business communications.
- Text messaging: Firms that communicate or allow advisors to communicate through text messaging or chat services for business purposes must retain records of those communications, in compliance with SEC and FINRA rules.
MultiLine offers built-in capturing capabilities for all MultiLine texts at an enterprise scale. This happens automatically in the cloud and never requires end-user action. You can easily search and download all of these records in our secure Management Portal, where we can store them for a predefined period of time.
Link to FINRA notice: https://www.finra.org/sites/default/files/notice_doc_file_ref/Regulatory-Notice-17-18.pdf
Link to SEC rules: https://www.sec.gov/files/OCIE%20Risk%20Alert%20-%20Electronic%20Messaging.pdf
Is MultiLine suitable for MiFID II and FCA COBS 8.11 compliance?
Yes, Movius MultiLine enables compliance with MiFID II and FCA COBS 11.8, including the requirement to produce all communications related to a trade upon the request of a regulator, including mobile calls and texts, no matter whether the phone is corporate or privately owned. It brings the compliance, retention, archiving and eDiscovery capabilities that banks require while easily capturing, recording, storing and analyzing mobile voice and text communications.
Link to MiFID II: https://www.esma.europa.eu/sites/default/files/library/esma35-43-349_mifid_ii_qas_on_investor_protection_topics.pdf
Link to FCA: https://www.handbook.fca.org.uk/handbook/ICOBS/Sch/1/1.html
Is MultiLine suitable for Dodd-Frank and GLBA compliance?
Yes. MultiLine ensures secure and private attorney/client and third-party communications to protect sensitive client data in accordance with Dodd-Frank and Gramm-Leach-Bliley Act (GLBA).
Movius Corporation assumes no liability for the accuracy or completeness of this information. Please consult with an attorney for specific information on specific rules and regulations and how they apply to your business.
Is MultiLine ISO certified?
Yes, Movius MultiLine is ISO 27001:2013 and ISO 9001:2015 certified.
Is MultiLine voice and text capture compatible with SIPREC technology?
Yes. If your organization needs SIPREC, we can work with you to set it up.
Can MultiLine prove that data moving over its network hasn't been intercepted and changed?
- Data stored on the apps consist of Call history, SMS history and voicemail..
- All data between the client and server is encrypted
- SIP over TLS uses SHA2 with RSA
- Secure RTP SRTP between client and server uses AES_CM_128_HMAC_SHA1_80
- Restful WEB Services uses HTTPS
- The Movius for Blackberry apps (Android and iOS) communicate via POST with the server hence the data between the client and server cannot be viewed by a third party.
- SSL Pinning ensure that the client checks the server’s certificate against a known copy of that certificate only, which ultimately prevents a man in the middle attack.
- For Movius for Blackberry Android app, the application uses SQL cipher that performs transparent and on the fly encryption to DB.
- For Movius for Blackberry iOS app, the application uses Core data enabled with Data Protection Options and SQL Cipher to encrypt the DB.
How is MultiLine data captured and how is it stored?
Built-in call and SMS recording capabilities are provided by the Movius platform to comply with regulatory requirements (FCA, MiFID II, Dodd-Frank, HIPAA) and corporate policies.
The default behavior of the Movius platform is for voice and SMS recordings to be created as they traverse the Movius platform and stored for a period of 72 hours for customers to retrieve them for archiving purposes in their respective secure data repository solutions.
Note that the recording is done ONLY IF the user is enabled for SMS recording or Voice recording or both Voice and SMS recording.
Access to the recordings is restricted to Admins of the Management Portal granted the designated role and the CSV offload process. No other users will have access to these recordings.
All SMS data and Voice and SMS metadata is encrypted and stored in a text archive. All metadata recordings are encrypted using AES 256 encryption. Voice recordings are stored in raw voice format in a voice archive.
Movius Corporation assumes no liability for the accuracy or completeness of this information. Please consult with an attorney for specific information on specific rules and regulations and how they apply to your business.
Movius follows the highest industry standards to ensure that you can trust us with your critical data.
Movius Internal IT Security
- We understand the importance of information security, including cybersecurity, to protect against external threats and malicious insiders.
- Our cybersecurity strategy prioritizes detection, analysis and response to threat intelligence, cyber risks, and malicious activity.
- We continuously strive to meet or exceed the industry’s information security best practices and apply controls to protect our clients and the infrastructure of the company.
Security Certifications
- Our information security management program is built to comply with the ISO 27001 framework.
- The security controls for the Movius platform annually undergo SOC 2 Type 2 examination against AICPA defined standards.
Encryption
- All data is encrypted in transit and at rest.
Secure Cloud Data Center
- Your data is protected using FIPS 140-2 Level 3 compliant HSMs and customer owned encryption keys.
- Storage is compliant with:
- Federal Information Processing Standard (FIPS) Publication 140-2
- Federal Information Security Management Act (FISMA)
- Health Insurance Portability and Accountability Act (HIPAA)
- Payment Card Industry (PCI)
- Basel II
- California Security Breach Information Act (SB 1386)
- EU Data Protection Directive 95/46/EC
Security Scanning
- SAST and DAST are performed for every maintenance and general release.
- Manual Penetration testing is performed annually.
- Bi-weekly vulnerability scan is performed by in-house security experts.
Disaster Recovery and Geo-redundancy
- Movius performs daily backups of production data that is only used to minimize data loss in the event of a disaster.
- Production data is immediately written to an independent 2nd database which is either at the same location for single site installations or at a second data center in geo-redundant configurations.
- We complete re-certification and surveillance audits annually.
Manage Users and Admins
Admin Audit Logging
- All activities by Admins in Management Portal and Developers using the API are logged in Admin logs.
- Full search functionality helps you quickly track down activities of interest, including:
- Log in
- Adding, deleting, or viewing an account
- Viewing or downloading a report
- Viewing or downloading data
- You can also set up alerts for activities, such as password changes and deleted accounts. See Manage Alerts
Admin Access Control
- Fine tune which organizations, data, and functions Admins can access by assigning Roles. See What Admin Roles exist in the Management Portal?
- Require two factor authentication to log in. See Enable Two Factor Authentication for Admins.
User Access Control
- Admins have complete control over user access to MultiLine app. It's possible immediately suspend or delete a user account from Management Portal to remove access to the application.
- Calls to a MultiLine number from a deleted account can automatically forwarded, tagged for a specific use or organization, or made generally available.
- Call or message recording is set by admins and does not allow users to turn the feature on or off, preventing any circumventing of your recording policies.
EMM Integration
- You can apply any policies from your Enterprise Management solution to the MultiLine application.
- Apply corporate authentication and password requirement policies to MultiLine applications.
- Enforce using MultiLine applications when using corporate apps, including phone number links and conference codes.
- Restrict copy and paste, screenshots, and more from MultiLine to outside apps.
GDPR
- We ensure ongoing compliance with the General Data Protection Regulation (GDPR).
- Users can clearly see what data is shared and have the option to opt in or out of sharing their personal data.
Account Cancellation
- You may cancel with us at any time by contacting our Customer Success team.
- We will work with you to offload your data and then securely remove your data from the platform.
FAQ
Can you provide a Security Baseline Document?
Yes. Contact your Customer Success Representative to receive this document.
The document covers access control, database control, data encryption, penetration testing, and vulnerability scanning policies.
Do you have a vulnerability disclosure process?
Yes. We provide this process to you as part of the contract as well as contact information for our security team.
Can you provide your Hosting and Delivery Process?
Download the PDF: Movius Hosting and Delivery Policies[90].pdf
End users love the convenience and simplicity of MultiLine. A little upfront communication and education prepares employees to adopt the service.
Seeing is believing
Demo the MultiLine app to dismantle concerns and highlight key features.
You can share the demo we have available on our YouTube channel.
If an end user is having trouble registering because they cannot find their company credentials, recommend that that they check out the invalid credential article here or have them contact your company's IT team.
Highlight user benefits
Get people excited about using MultiLine by emphasizing its many end user advantages, including convenience, choice, and the clear separation of work and personal communications.
Offer self-help resources
Make self-help resources—like how-to videos, FAQs, and knowledge base articles— easily available to end users. Movius and our partners offer a variety of ready-made training materials for you to use.
The most effective self-help resources are short how-to videos on basic MultiLine functions. •
- How-to resources on YouTube
- Customize your MultiLine email “invitation” to provide first-time users with helpful tips and links to online resources.
Leverage the educational resources provided by Movius and our partners or create your own training tools.
- MultiLine Guide
- Movius for BlackBerry Guide
- MultiLine for Intune Guide
- MultiLine for Salesforce Guide
- User FAQs
- User Troubleshooting
Make sure your Help Desk is briefed on MultiLine and knows where to direct users for more information. They'll also find our User Troubleshooting guide a helpful resource.
Counter user concern
Clearly address end users’ questions about conducting business on their personal phone. Reassure them about MultiLine’s privacy and overcome cost concerns with actual usage data.
We answer common user concerns in our User FAQ.
Set up an email campaign
When you’re ready to onboard users, send a series of emails before, during, and after the go-live date. Track end user activation to determine the need for follow-up communications.
Additional resources
- Guides for MultiLine Administrators
- Guides for Enterprise
- Movius Blog: Read the latest out of Movius and the state of digital communications!
- Movius Help Center: Help topics for users and admins
- Movius YouTube: Helpful how-to videos and product demos
