ZIXI

Zix Corporation

Zix Corporation’s focus is the operation of an Email Encryption Service. ZixCorp’s Email Encryption Service enables the use of secure email for sensitive information exchange primarily in the healthcare, financial services, insurance, and government sectors. For 2009 we operated two reporting segments, Email Encryption and e-Prescribing. Specific to our e-Prescribing business, we announced on June 11, 2009, that we had retained Allen & Company LLC to assist our Board of Directors in investigating strategic alternatives (“Strategic Review”) for maximizing value of this business segment. Based on the Strategic Review we announced on December 8, 2009, our intention to exit the e-prescribing business. After fulfilling our customer and partner obligations, we are targeting December 31, 2010, as the official termination date for this business.

The business operations and service offerings are supported by the ZixData Center™, a network operations center dedicated to secure electronic transaction processing. The operations of the ZixData Center are independently audited annually to maintain AICPA SysTrust™ certification in the areas of security, confidentiality, integrity and availability. Auditors also produce a SAS70 Type II report on the effectiveness of operational controls used over the audit period. The center is staffed 24 hours a day with a proven 99.99% reliability. Whether it is delivery of email, prescriptions or other sensitive information, we enable communications to be sent in a trusted, safe, and secure manner. This is ZixCorp’s core competency and we believe it is a competitive advantage.

Our Email Encryption Service is a comprehensive secure messaging service, which allows an enterprise to use policy-driven rules to determine which emails should be sent securely to comply with regulations or corporate policy. It is primarily offered as a Software-as-a-Service (“SaaS”) solution, for which customers pay an annual service subscription fee. ZixCorp’s main differentiation in the marketplace is our focus on the transparent delivery of secure, encrypted email. Most email encryption solutions are focused on the sender. They typically introduce an added burden on receivers, often requiring additional user authentication with creation of a new user identity and password. We designed our solution to alleviate the receiver’s burden by enabling the delivery of encrypted email automatically and transparently. ZixCorp offers transparent delivery as a result of (1) our ZixDirectory®, which is designed to share identities, (2) Zix’s Best Method of Delivery, which is designed to deliver email according to the sender’s encryption policy and (3) ZixGateway™ (formerly ZixVPM®), which is an enterprise gateway that automatically decrypts the message. The result is secure encrypted email exchange that’s transparent for both sender and receiver.

e-Prescribing consists of a single product line named PocketScript®, which is an electronic prescribing service that allows physicians to use a handheld device to prescribe drugs and transmit the prescription electronically to virtually any pharmacy. Our Email business is profitable; however, the e-Prescribing business has continued to consume cash, and we plan to exit this business at the end of 2010.
Business Segments

Email Encryption

Segment Overview: Email is a mission-critical means of communication for enterprises. However, if email leaves a secure network environment in clear text, it can be intercepted along the path between a sender and a recipient, which permits theft, redirection, manipulation, or exposure to unauthorized parties. Failure to control and manage such risks can result in enforcement penalties for noncompliance under numerous different regulations. Healthcare organizations are primarily concerned with the recent changes to the Health Information Portability Accountability Act (HIPAA) introduced via the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009. Financial institutions are concerned with Gramm-Leach-Bliley Act (“GLBA”). In addition, individual states such as Massachusetts and Nevada have recently introduced state laws regulating email encryption. Failure to manage the risks associated with email can also lead to decreased productivity, damaged reputation, competitive disadvantage, a loss of intellectual property or other corporate assets, exposure to negligence or liability claims, and diversion of resources to repair such damage.

Corporations require email protection that can be used on an enterprise-wide basis, is cost-effective, quickly deployed, regularly updated to guard against obsolescence and ineffectiveness, and is easy to use. To satisfy these needs, our Email Encryption Service provides a comprehensive solution that analyzes and encrypts email communications.

Our Email Encryption Service provides a user the ability to deliver encrypted email to any email user at any email address by using the ZixCorp Best Method of Delivery™ protocol that automatically determines the most direct and appropriate means of delivery, based on the sender’s and recipient’s communications environment and preferences. The service supports a number of encrypted email delivery mechanisms, including S/MIME, TLS, OpenPGP, “push” delivery and secure portal “pull” delivery. These last two mechanisms enable users to send messages instantly and securely to anyone with an email address, including those who do not have an encryption tool. Our Best Method of Delivery makes the technology simple for end users and provides flexibility and ease of implementation for information technology professionals. We believe the ability to send messages through different modes of delivery makes our Email Encryption Service superior to competitive offerings.

The deployment of our Email Encryption Service at the periphery of the customer’s network means our Email Encryption Service encrypts email for an enterprise’s customers and business partners without the need to create, deploy or manage end user encryption keys or deploy desktop software. Our technology solutions are user friendly, easy to deploy, and can be made operational quickly.

Our service has an integrated policy management capability. This policy engine can inspect the contents of outbound emails and apply policies that match specific industry criteria such as HIPAA and GLBA. Customers can also build their own specific policies. This policy driven email for regulatory compliance means customers can reduce the training required of their staff.

Our Email Encryption Service employs a centralized directory of users called the ZixDirectory, which we consider a key differentiator of our offering. The ZixDirectory operates as a global community for email encryption, and today contains over 20 million user email addresses. The ZixDirectory has recently grown at a rate of over 100,000 new members per week. Access to these email addresses and encryption codes in the ZixDirectory greatly improves ease of use for both senders and receivers of secure email, while affording them the option of strong encryption methods, extended feature sets and the flexibility of a variety of fully integrated and fully interoperable solutions.

Today in healthcare, our Email Encryption Service is used by over thirty Blue Cross Blue Shield organizations and over 1,000 hospitals. In the financial services sector, we serve over 1,200 banks, credit unions and farm credit associations, as well as all of the Federal Financial Institutions Examination Council (“FFIEC”) regulators. We also provide service to more than twenty-five state governments covering various state agencies in those states.