Posts from ‘Enforcement’
Information flows into, within and out of organizations faster and in greater volumes than ever before. Complicating matters is the growing number of vendor systems, applications and platforms that make up your company’s business infrastructure and touch even your most sensitive and mission-critical information.
If you don’t have visibility into the data and files that are flowing between systems, applications and people — both inside and beyond the company firewall — things can go haywire very quickly.
- Lost files, security breaches and compliance violations
- Broken SLAs and other processes that are dependent on files
- No file lifecycle tracking as data flows between applications, systems and people
- Damaged partner and customer relationships
- Lost opportunities
Relying on the reporting capabilities of each individual system has proven to be risky and inefficient. Chances are, you’re swimming in a sea of not-very-useful-or-actionable data and static reports that are already a week behind with what’s actually happening in your company this very instant.
In today’s blog video, Frank Kenney shares his thoughts why having one consolidated view is critical and why organizations are having such a hard time achieving visibility.
When it comes to your file transfers, many questions exist. Do you have the total visibility your business requires? How do your customers gain visibility into their file transfers?? Do you have all the information you need to meet your service level agreements (SLAs) as well as enabling transparency about integration and file transfers??? Let Ipswitch help you answer these questions and overcome your visibility challenges.
You’re going to be hearing more and more about “VISIBILITY” from Ipswitch, so I’d like to quickly start this blog post with our definition of visibility in the context of files and data flowing into, within and out of your company:
Visibility: “Unobstructed vision into all data interactions, including files, events, people, policies and processes”
Fast, easy access to critical file and data transfer information is a must-have – it’s critical to the success of your business. Whether it’s tracking and reporting on SLAs, analyzing file transfer metrics to identify bottlenecks and improve efficiency, or providing customers and partners with easy self-service access to the file transfer information they require – as well as countless other business objectives – unobstructed visibility is imperative.
Having one consolidated view into all of the systems and processes involved in your organizations file and data transfers will deliver tremendous business value and a competitive edge. Please do take a couple of minutes to watch Ipswitch’s Frank Kenney share his perspective on why visibility is important.
“My company still relies heavily on FTP. I know we should be using something more secure, but I don’t know where to begin.”
The easy answer is that you should migrate away from antiquated FTP software because it could be putting your company’s data at risk – Unsecured data is obviously an enormous liability. Not only does FTP pose a real security threat, but it also lacks many of the management and enforcement capabilities that modern Managed File Transfer solutions offer.
No, it won’t be as daunting of a task as you think. Here’s a few steps to help you get started:
- Identify the various tools that are being used to transfer information in, out, and around your organization. This would include not only all the one-off FTP instances, but also email attachments, file sharing websites, smartphones, EDI, etc. Chances are, you’ll be surprised to learn some of the methods employees are using to share and move files and data.
- Map out existing processes for file and data interactions. Include person-to-person, person-to-server, business-to-business and system-to-system scenarios. Make sure you really understand the business processes that consume and rely on data.
- Take inventory of the places where files live. Servers, employee computers, network directories, SharePoint, ordering systems, CRM software, etc. After all, it’s harder to protect information that you don’t even know exists.
- Think about how much your company depends on the secure and reliable transfer of files and data. What would the effects be of a data breach? How much does revenue or profitability depend on the underlying business process and the data that feeds them?
- Determine who has access to sensitive company information. Then think about who really needs access (and who doesn’t) to the various types of information. If you’re not already controlling access to company information, it should be part of your near-term plan. Not everybody in your company should have access to everything.
Modern managed file transfer solutions deliver not only the security you know your business requires, but also the ability to better govern and control you data…. As well as provide you with visibility and auditing capabilities into all of your organizations data interactions, including files, events, people, policies and processes.
As George Hulme recently wrote, the vision of Senator Richard Blumenthal’s data breach legislation is simple enough: Protect individuals’ personally identifiable information from data theft, and penalize firms that don’t adequately secure their customers’ information.
Clearly, there’s a need for organizations to better secure confidential and private customer information. It seems that a week rarely passes without a new high-profile data breach in the news. In fact, 2011 is trending to be the worst-ever year for data breaches. And that is despite many U.S. states introducing legislation that expands the scope of state laws, sets stricter requirements related to notification of data breaches involving personal information, and increases penalties for those responsible for breaches.
I agree with Senator Blumenthal’s concept of establishing “appropriate minimum security plans”…. But color me skeptical on the government’s ability to appropriately monitor and enforce those plans, especially after witnessing the mighty struggles at effectively governing the dozens of state laws already on the books.
My skepticism is shared by many, including Mark Rasch, director of cybersecurity and privacy consulting at Computer Sciences Corporation: “The devil is in the details with these laws. We’ve had regulations, from Gramm-Leach-Bliley to HIPAA, that purport to help protect consumer data. Companies are already victims in these attacks, so why are we penalizing them after a breach? I think that’s because it’s easier to issue fines than it is to track down the criminals and go after them.”
In my opinion, business leaders need to prioritize their own internal efforts to properly protect sensitive information rather than wait on the government to catch up. First order of business is to identify where confidential files and data live in your organization and ensure visibility of that info (after all, how can you protect what you don’t know about?). Fortunately, there are technology solutions available to help organizations better manage and govern their critical files and data as they are being moved and consumed both internally and with business partners and across people, systems and various business applications.