Knowledge Transfer with Ipswitch File Transfer

Posts from ‘Advanced File Services’

Sep
19

Upcoming Webcast: Top Tips for Managing File Transfer & Application Integration

0 Comments
Posted by Deirdre Christensen in Advanced File Services, Customers, FTP, Industry News, Integration, Ipswitch, Ipswitch Products and Services, Managed File Transfer, Management, MFT, Security, Technology and Software, Visibility

Join us on September 29 at 1:00 p.m. ET for our latest webcast, Top Tips for Managing File Transfer & Application Integration.

More and more, organizations are beginning to realize that their old batch-file-and-script methods of file transfer and application integration don’t work. They’re unwieldy, primitive, difficult to manage, and often not 100% reliable – not to mention less scalable than the organization might wish. Don Jones, Principal Technologist at Concentrated Technology, and Andre Bakken, Director of Product Management at Ipswitch, will provide the top tips for managing file transfer and application integration in a more modern way. You’ll learn about the key failings in most organizations’ existing techniques, and look at the core capabilities you should be looking for as you move to improve your organization’s treatment of these critical tasks.

Register Now for the webcast! 

What: Webcast – Top Tips for Managing File Transfer & Application Integration

When: September 29 at 1:00 p.m. ET

Who: Don Jones, Principal Technologist at Concentrated Technology  and Andre Bakken, Director of Product Management at Ipswitch

Aug
22

Can a file transfer system enable central management and control?

0 Comments
Posted by Deirdre Christensen in Advanced File Services, Auditing, Compliance, Enforcement, FTP, Integration, Interactions, Ipswitch, Ipswitch Products and Services, Managed File Transfer, Management, MessageWay, MFT, MOVEit, Person-to-Person, Security, Visibility, WS_FTP Server

You might say that the entire point of a Managed File Transfer (MFT) system is to do exactly that: provide centralized management and control. For example, let’s say that your company is subject to the Payment Card Industry Data Security Standard (PCI DSS). Requirement 4 of PCI DSS is to “encrypt transmission of cardholder data and sensitive information across public networks,” such as the Internet. Let’s also say that you frequently need to transmit cardholder data to partner companies, such as vendors who will be fulfilling requests.

One option is to simply allow someone within your company to email that information, or to have an automated process do so. You’ll need to ensure that everyone remembers to encrypt those emails — you did remember to get digital certificates for everyone, correct? — every single time. If someone forgets, you’ve created the potential for a data breach, and it’s not going to look very good for your company on the evening news.

Another option is to automate the file transfer using an MFT solution. That solution can be centrally configured to always apply PGP‐based encryption to the file, to always require an FTP‐over‐SSL connection with the vendors’ FTP servers, and to always require 256‐bit AES encryption. You don’t have to remember those details beyond the initial configuration — it’s
centrally configured. Even if your users need to manually transfer something ad‐hoc — perhaps an additional emergency order during the Christmas rush — your MFT solution will “know the rules” and act accordingly. Your users’ lives become easier, your data stays protected, and everyone sleeps more soundly at night. This central control is often referred to as policy-based configuration because it’s typically configured in one spot and enforced — not just applied — to your entire MFT infrastructure, regardless of how many physical servers and clients you are running.
What’s the difference between enforced and applied? Making a configuration change is applying it. That doesn’t, of course, stop someone else from coming along behind you and applying a new configuration. The idea with policies is that they’re configured sort of on their own, and that they’re protected by a unique set of permissions that govern who can modify them—they’re not just wide‐open to the day‐to‐day administrators who maintain your servers. In many cases, a review/approve workflow may have to be followed to make a change to a policy. Once set, the policies are continually applied to manageable elements such as MFT client software and MFT servers. A server administrator can’t just re-configure a server, because the policy prevents it. The MFT solution ensures that your entire MFT infrastructure stays properly configured all the time.

- From The Tips and Tricks Guide to Managed File Transfer by Don Jones

To read more, check out the full eBook or stay tuned for more file transfer tips and tricks!

Aug
17

Why do I need Managed File Transfer? Isn’t FTP enough?

0 Comments
Posted by Deirdre Christensen in Advanced File Services, Auditing, Enforcement, FTP, Integration, Interactions, Ipswitch, Ipswitch Products and Services, Managed File Transfer, Management, MessageWay, MFT, MOVEit, Person-to-Person, Social Media, Technology and Software, Visibility, WS_FTP Professional, WS_FTP Server

Possibly not. The Internet’s venerable File Transfer Protocol (FTP) is usually supported by Managed File Transfer (MFT) systems, which can typically use FTP as one of the ways in which data is physically moved from place to place. However, MFT essentially wraps a significant management and automation layer around FTP. Consider some of the things an MFT solution might provide above and beyond FTP itself—even if FTP was, in fact, being used for the actual transfer of data:

  • Most MFT solutions will offer a secure, encrypted variant of FTP as well as numerous other more‐secure file transfer options. Remember that FTP by itself doesn’t offer any form of transport level encryption (although you could obviously encrypt the file data itself before sending, and decrypt it upon receipt; doing so involves logistical complications like sharing passwords or certificates).
  • MFT solutions often provide guaranteed delivery, meaning they use file transfer protocols that give the sender a confirmation that the file was, in fact, correctly received by the recipient. This can be important in a number of business situations.
  • MFT solutions can provide automation for transfers, automatically transferring files that are placed into a given folder, transferring files at a certain time of day, and so forth.
  • MFT servers can also provide set‐up and clean‐up automation. For example, successfully‐transferred files might be securely wiped from the MFT server’s storage to help prevent unauthorized disclosure or additional transfers.
  • MFT servers may provide application programming interfaces (APIs) that make file transfer easier to integrate into your internal line‐of‐business applications.
  • MFT solutions commonly provide detailed audit logs of transfer activity, which can be useful for troubleshooting, security, compliance, and many other business purposes.
  • Enterprise‐class MFT solutions may provide options for automated failover and high availability, helping to ensure that your critical file transfers take place even in the event of certain kinds of software or hardware failures.

In short, FTP isn’t a bad file transfer protocol—although it doesn’t offer encryption. MFT isn’t a file transfer protocol at all; it’s a set of management services that wrap around file transfer protocols—like FTP, although that’s not the only choice—to provide better security, manageability, accountability, and automation.

In today’s business, FTP is rarely “enough.” Aside from its general lack of security—which can be partially addressed by using protocols such as SFTP or FTPS instead—FTP simply lacks manageability, integration, and accountability. Many businesses feel that they simply need to “get a file from one place to another,” but in reality they also need to:

  • Make sure the file isn’t disclosed to anyone else
  • Ensure, in a provable way, that the file got to its destination
  • Get the file from, or deliver a file to, other business systems (integration)

In some cases, the business might even need to translate or transform a file before sending it or after receiving it. For example, a file received in XML format may need to be translated to several CSV files before being fed to other business systems or databases—and an MFT solution can provide the functionality needed to make that happen.

Many organizations tend to look at MFT first for its security capabilities, which often revolve around a few basic themes:

  • Protecting data in‐transit (encryption)
  • Ensuring that only authorized individuals can access the MFT system (authorization and authentication)
  • Tracking transfer activity (auditing)
  • Reducing the spread of data (securely wiping temporary files after transfers are complete, and controlling the number of times a file can be transferred)

These are all things that a simple FTP server can’t provide. Having satisfied their security requirements, organizations then begin to take advantage of the manageability capabilities of MFT systems, including centralized control, tracking, automation, and so forth—again, features that an FTP server alone simply can’t give you.

- From The Tips and Tricks Guide to Managed File Transfer by Don Jones

To read more, check out the full eBook or stay tuned for more file transfer tips and tricks!

Feb
21

Three common types of SLAs for file transfer

0 Comments
Posted by jlampe in Advanced File Services, Managed File Transfer, Visibility

I’ve been back on the road visiting file transfer customers and there’s growing concern out there about the ability to track and predict failure against defined service level agreements (SLAs).  In general, I’m seeing most SLAs in our industry cleave to one or more of the following requirements:

1) Application Availability:  Did our service meet the 99.xxx% goal we set?  Most companies I’ve seen track this in minutes per month and year, and some track this by visibility to key customers.  For example, if the file transfer srvice was unexpectedly down at 3am but only 15 customers would have noticed, can we count it as an outage for only those 15?

2) Round-trip Response Time:  Does our service reliably return results from incoming submissions within X time?  This is big at data centers that self-identify as “item processors” or have an “EDI/transmissions” group.  This can also be further specified by class of customer or work (e.g., higher priority transactions) and time of day.

3) Expected Data Within Defined Transfer Window:  Did we receive (or send) the “right” files during the transmissions window from X:XX to Y:YY?  This one can be harder than it looks.  First, you often have “right files” definitions that have dependencies on control or summary files plus specific file formats, names and sizes.   Then there is the additional challenge of predicting which bundles are “running late” and the question of setting up warning alerts with 30 minutes or 15 minutes to go?

Even with these common requirements in the field, the nature of SLAs continues to evolve.   As we see additional trends develop we’ll continue to note them – please expect more information in the coming months.

Oct
06

MFT Challenges

0 Comments
Posted by Hugh Garber in Advanced File Services, Data Breach, Industry News, Managed File Transfer, Security

Let’s take a closer look at the perceived challenges of Managed File Transfer (MFT) that are identified on the Ziff Davis MFT survey.

A few related topics top the list:  “Finding the right MFT solution”, the “Cost”, including ongoing maintenance and future upgrades, as well as “Employee training”, including satisfaction and acceptance.

A lot has to do with the partner you choose to do business with, as well as the complexity of the MFT solution and its ease of use.  Take time to carefully research vendors and clearly understand the anticipated deployment timeline, required involvement and training of your IT staff, and if any professional services are needed.

You want a proven, reliable vendor that has a track record of successful long-term customer relationships and who is committed to bringing new technology to market as business needs continue to grow and evolve.  Let’s just say that not all MFT vendors are created equal…So choose carefully.

“Cost” is always a sensitive subject. But with so many MFT solutions varying in complexity, sophistication, scalability, deployment options, and price,  I strongly advise you to list key business requirements and make sure not to over (or under) purchase functionality.

For example, here at Ipswitch we offer a range of MFT solutions that span from basic secure file transfer products and services all the way to robust solutions proven to meet requirements for extreme volumes of data exchange with governance, data transformation and file life-cycle tracking.  Our solutions have proven to be fast to deploy and easy to use, resulting in rapid time-to-value that greatly exceeds other vendor solutions.

Lastly, consider the ROI and “risk avoidance” aspects of MFT from a security perspective alone (which is only part of the story).  In a recent blog post, I pointed out that the average cost of each compromised file is $204.  So go ahead and estimate how many pieces of sensitive files and data your company has…. Now multiply that by $204.  I’m sure you’ll agree that the ROI on the time and resources spent to protect company data are well worth the investment!

Older Entries