Three security considerations for transferring files
What you need to know to securely share information
In 2013, the average cost of cyber-crime in the U.S. was $11.6 million (per company, per year), primarily due to the loss or misuse of information assets, with companies across the US falling victim to an average of two successful attacks per week, according to the Ponemon Institute.
With cyber-threats constantly evolving and becoming more sophisticated, one word can shift the balance of power when it comes to file transfer. The difference between file transfer and managed file transfer is critical for businesses.
The challenge in applying advanced technology to manage file transfers lies in distinguishing between document-centric, collaborative file sharing and automated or partially-automated file transfer to support business processes, often in a compliant fashion.
So what do businesses need to know when managing and transferring information today?
When it comes to the flow of information across an organization and between business partners, end user expectations are being set by the likes of Apple and Amazon for great user experience, while a company's IT staff is expected to deliver high availability, off-hours support, security and compliance enablement in addition to the exceptional user experience, on budget.
This expectation vs. reality tension leads to larger security challenges when employees, including IT staff, start using unapproved applications that don't meet the security requirements of the organization or the industry. Further, for information associated with critical business processes, using these unapproved methods often create holes in these systems.
Regardless of efforts to enhance security, Enterprise File Sync and Share (EFSS) services, are still end-user focused, resulting in enterprise IT managers often blocking EFSS services from corporate domains to maintain control of their networks and business processes.
Managed File Transfer (MFT) solutions on the other hand can support file sharing with added security, visibility and integration with business processes, and excel with automated system-to-system file processing capabilities. Some MFT solutions don't have explicit transfer size limits, whereas EFSS solutions have file size limits that often don't support many large file types, including high definition videos and design files.
Get the best Black Friday deals direct to your inbox, plus news, reviews, and more.
Sign up to be the first to know about unmissable Black Friday deals on top tech, plus get all your favorite TechRadar content.
To manage information securely and address the balance between end users and IT, organizations need to consider these three foundations for file transfer processes:
1. Automation: The adoption of automation into file transfer processes with a centralized MFT system eliminates the time and costs involved in manual file transfer processes and maintain efficiency across the organization.
2. Security: Generating links to shared documents, as EFSS vendors have done in the past, can put sensitive data at risk through several basic flaws. Once a link is generated to only be accessible by trusted sources, it can actually be viewed by unintended third parties. MFT solutions that rely on scalability, reliability, failover and disaster recovery will strengthen the security posture of IT processes.
3. Compliance: The management of file transfer processes on a DIY basis is no longer viable for most organizations, given the increasingly vast amount of data transferred within mid-size to large companies. File transfer is also just one part of the equation for companies conducting business internally and with partners. If they have to demonstrate compliance for all exchanges and interactions, there could be hundreds of configuration controls they would need to manage and monitor on an ongoing basis to do so. Compliant service providers reduce the complexity and maintain security within the organization.
Managing information is a legacy IT headache and can expose businesses to security threats. Organizations should consider a comprehensive system in which a broad range of end-user and system-to-system workflows are supported, with tools that connect trading partners, empower mobile workers, automate local and remote transfer processes, and intelligently and securely control the flow of content.