Posts from ‘MFT’
I recently attended SecureWorld Detroit and engaged in two days of conversation with top security, IT and risk management professionals.
There was a single theme that I heard the loudest and clearest from the security community:
There is growing concern for how employees transfer files in an ad hoc manner to those outside the organization. Employees are quick to turn to DropBox or YouSendIt to step outside of file size limitations or email speed issues, without realizing the consequences of their actions.
We heard this consistently across multiple industries – Retail, Healthcare, Financial Services, Banking, Government, Automotive.
We heard this from organizations large, medium and small with requirements to manage file transfers with partners, customers or vendors, and in some cases with international and global reach.
It was said in different ways but it came down to the security teams seeing significant risk for leakage with their current situation today. Some soundbites:
- “We need a person to person file transfer solution”
- “My users want to send large files through YouSendIt. Right now I just keeping saying ‘No’, I’d rather have a solution to offer them.”
- “We need to support an ad hoc file transfer requirement for our users”
- “I have people using DropBox today. It is absolutely unacceptable from a security standpoint, but we need to offer them an alternative.”
This risk around person to person file transfer is not going away, it’s getting worse by the day as more and more employees rely on personal email and cloud based services to transfer data. The potential for leakage is amplified when you consider other data transfer devices such as USB drives and personal email use.
We have done extensive research in this area and we have a Research Report summarized in a graphical eBook which will be published later in October. Titled “Are Your Employees Putting Your Company’s Data at Risk?”, this report helps bring the current problems to life with a picture of how users are behaving today.
“My company still relies heavily on FTP. I know we should be using something more secure, but I don’t know where to begin.”
The easy answer is that you should migrate away from antiquated FTP software because it could be putting your company’s data at risk – Unsecured data is obviously an enormous liability. Not only does FTP pose a real security threat, but it also lacks many of the management and enforcement capabilities that modern Managed File Transfer solutions offer.
No, it won’t be as daunting of a task as you think. Here’s a few steps to help you get started:
- Identify the various tools that are being used to transfer information in, out, and around your organization. This would include not only all the one-off FTP instances, but also email attachments, file sharing websites, smartphones, EDI, etc. Chances are, you’ll be surprised to learn some of the methods employees are using to share and move files and data.
- Map out existing processes for file and data interactions. Include person-to-person, person-to-server, business-to-business and system-to-system scenarios. Make sure you really understand the business processes that consume and rely on data.
- Take inventory of the places where files live. Servers, employee computers, network directories, SharePoint, ordering systems, CRM software, etc. After all, it’s harder to protect information that you don’t even know exists.
- Think about how much your company depends on the secure and reliable transfer of files and data. What would the effects be of a data breach? How much does revenue or profitability depend on the underlying business process and the data that feeds them?
- Determine who has access to sensitive company information. Then think about who really needs access (and who doesn’t) to the various types of information. If you’re not already controlling access to company information, it should be part of your near-term plan. Not everybody in your company should have access to everything.
Modern managed file transfer solutions deliver not only the security you know your business requires, but also the ability to better govern and control you data…. As well as provide you with visibility and auditing capabilities into all of your organizations data interactions, including files, events, people, policies and processes.
Many customers today expect ‘WAN acceleration’ technology (sometimes referred to as WAN Optimization) as part of their MFT vendor’s solution offering. In general this is a useful addition to the MFT feature set, and can certainly reduce file transfer times in a wide variety of scenarios. However, customers should have realistic expectations of what these acceleration technologies can offer, and be cognizant of the limitations and constraints imposed by the carrier network itself.
Join us on September 29 at 1:00 p.m. ET for our latest webcast, Top Tips for Managing File Transfer & Application Integration.
More and more, organizations are beginning to realize that their old batch-file-and-script methods of file transfer and application integration don’t work. They’re unwieldy, primitive, difficult to manage, and often not 100% reliable – not to mention less scalable than the organization might wish. Don Jones, Principal Technologist at Concentrated Technology, and Andre Bakken, Director of Product Management at Ipswitch, will provide the top tips for managing file transfer and application integration in a more modern way. You’ll learn about the key failings in most organizations’ existing techniques, and look at the core capabilities you should be looking for as you move to improve your organization’s treatment of these critical tasks.
Register Now for the webcast!
What: Webcast – Top Tips for Managing File Transfer & Application Integration
When: September 29 at 1:00 p.m. ET
Who: Don Jones, Principal Technologist at Concentrated Technology and Andre Bakken, Director of Product Management at Ipswitch