Posts from ‘Person-to-Person’
What are the benefits, the risks, the consequences, and the alternatives to the proliferation of personal file transfer and file sharing tools?
Consumer-grade solutions such as Dropbox, webmail and USB drives being rapidly adopted in the workplace. The question is — are they right for you and your organization?
Next Wednesday, on April 25th, you’re invited to join industry experts Michael Osterman and Ipswitch’s David Boone in a 29-minute rapid-fire discussion where we will address:
- Typical Tools – What are the products employees are bringing with them to work?
- What are the risks of relying on personal file sharing tools in the workplace?
- How can I balance the need of the individual with the requirements of the organization?
- Top 3 things to look for in an easy-to-use and governed business-class file sharing solution?
If you manage an IT environment where these tools are pervasively used by employees to send company information, then you’re encouraged to participate in what should be a very opinionated discussion. Bring your questions. Challenge the experts. Learn how to regain control. And enjoy the conversation. Register now.
P.S. – if you are unable to attend the live event, please register anyways and we’ll email you a link to the archived recording for playback on-demand, as your schedule permits.
There is so much to absorb at RSA Conference. The largest gathering of security vendors, solution providers and practitioners in the U.S. certainly didn’t disappoint as the Moscone Center was buzzing with security education and of course lots of thought provoking conversations.
Many of the people I spoke with shared similar concerns of data breach risk, tighter compliance and auditing requirements, and their lack of visibility and control over the tools that people are using inside their organization to share files and data with other people. IT leaders are feeling 
pressure (and rightfully so) to regain control over how people share files with other people. It was also great hear so many people talking about migrating to the public and private clouds in order to take advantage of benefits such as quick provisioning and elasticity.
My favorite conversations at conferences are usually the ones I have with current customers…. And RSA was no exception. Quite frankly, the key insights I learn from talking with customers help me do my job better. Many thanks to the dozen or so Ipswitch customers that stopped by our booth and shared stories of how they have successfully consolidated and replaced the various homegrown file transfer tools and scripts, various vendor products, and manual processes they had been relying on with an Ipswitch MFT solution, resulting in improved efficiencies in their business processes as well as a simplified way to demonstrate compliance and consistently enforce security policies for all their file transfer and file sharing activities.
Looking back at 2011, we saw more and more employees using consumer-grade (and often personally owned) file sharing technologies such as USB drives, smartphones, personal email accounts, and file sharing websites to move sensitive company information. We’ve learned that employees will “do what they need to do” to be productive and get their job done… And if IT doesn’t provide them with the right tools, they will find their own.
2011 was also a record-breaking year for data breaches. Coincidence? Perhaps. But there is no denying the fact that the increased use of non-sanctioned technology in the workplace has created a security loophole in many organizations. It will become increasingly important for organizations to mitigate this risk to avoid a failed security or compliance audit or worse, a data breach.
Ipswitch can help your organization meet the security, usability and visibility requirements for file sharing. For example, our Ad hoc Transfer module for MOVEit DMZ enables organization to enforce consistent policies and processes around person‐to‐person file transfers ‐ email encryption, attachment offloading, secure messaging, eDiscovery, and more. It not only gives companies unparalleled governance, but it also allows end users to send information, with anyone, in a fast, easy, secure, visible, and well managed way.
We will be talking a lot more about the topic of people person-to-person file sharing in 2012, so stay tuned….
“My company still relies heavily on FTP. I know we should be using something more secure, but I don’t know where to begin.”
Sound familiar?
The easy answer is that you should migrate away from antiquated FTP software because it could be putting your company’s data at risk – Unsecured data is obviously an enormous liability. Not only does FTP pose a real security threat, but it also lacks many of the management and enforcement capabilities that modern Managed File Transfer solutions offer.
No, it won’t be as daunting of a task as you think. Here’s a few steps to help you get started:
Identify the various tools that are being used to transfer information in, out, and around your organization. This would include not only all the one-off FTP instances, but also email attachments, file sharing websites, smartphones, EDI, etc. Chances are, you’ll be surprised to learn some of the methods employees are using to share and move files and data.- Map out existing processes for file and data interactions. Include person-to-person, person-to-server, business-to-business and system-to-system scenarios. Make sure you really understand the business processes that consume and rely on data.
- Take inventory of the places where files live. Servers, employee computers, network directories, SharePoint, ordering systems, CRM software, etc. After all, it’s harder to protect information that you don’t even know exists.
- Think about how much your company depends on the secure and reliable transfer of files and data. What would the effects be of a data breach? How much does revenue or profitability depend on the underlying business process and the data that feeds them?
- Determine who has access to sensitive company information. Then think about who really needs access (and who doesn’t) to the various types of information. If you’re not already controlling access to company information, it should be part of your near-term plan. Not everybody in your company should have access to everything.
Modern managed file transfer solutions deliver not only the security you know your business requires, but also the ability to better govern and control you data…. As well as provide you with visibility and auditing capabilities into all of your organizations data interactions, including files, events, people, policies and processes.
Every day, files are exchanged between your systems, employees, and business partners on a global scale. It’s no secret that with each file transfer, your organization faces potential exposure to viruses, worms, Trojan horses and other malware – and the damaged files, corrupted applications, reduced performance and other adverse business effects that come with them.
Are your file transfers as safe as they can be? Specifically, when you receive inbound files, are you doing all you can to protect your IT infrastructure from the risk of viruses and malware?? Are your outbound data and file transfers “clean,” so you don’t expose your trading partners to any viruses that might be undetected in your systems???
Ipswitch MOVEit and MessageWay solutions offer the ability to integrate with specific antivirus solutions. Here’s a link to learn more about MOVEit DMZ’s new ability to integrate with Sophos and Symantec ICAP enabled antivirus solutions to ensure that only clean files enter your infrastructure.
For example, all files uploaded to MOVEit DMZ (including those sent using the person-to-person Ad Hoc Transfer module) are first scanned and validated to ensure that they are free of viruses, trojans, malware and other malicious threats. If an infected file is detected the following actions will immediately and automatically be taken:
• Rejects the transfer of the infected file
• Alerts end user that upload failed due to virus detection
• Logs the virus, timestamp, the scan engine, version and definition tag
• Reports the list of infected files that have been detected during a specified time period
By integrating your antivirus solution with your managed file transfer solution, you ensure that all the files you receive are scanned before they enter your network. Not only does this protect your applications, data and valuable IT assets, but it prevents you from accidentally passing on any viruses that may exist in your systems.
