Securing the file transfer world, one file at a time

Opinion by Dan Raywood

The security of moving data was a key trend of 2010 and as employee activity will continue to be under the spotlight this year, Dan Dunford, product specialist at Attachmate, looks at the challenges of moving data and how one technology could be a solution.

The security of moving data was a key trend of 2010 and as employee activity will continue to be under the spotlight this year, Dan Dunford, product specialist at Attachmate, looks at the challenges of moving data and how one technology could be a solution.

Anyone who has tried multiple times to transfer a large file knows the frustrations of working with basic File Transfer Protocol (FTP) services. Common headaches include the effort involved in provisioning file transfers to new users, and resolving issues when file transfers go wrong.

But the problems of FTP or other legacy data transfer systems frequently go much deeper. They often fail to meet current security standards and are full of operational drawbacks such as functionality, not providing their own reporting or having the capability to create audit trails.

There is no getting away from the fact that greater amounts of data are being sent over unsecure networks using FTP. Coupled with mounting pressure and scrutiny on companies to effectively and safely manage file transferring, this means that having a secure file transfer system is an issue that should not be ignored.

Nevertheless, there is an overall lack of awareness of the challenges and solutions to implementing a secure file transfer policy and there is even less awareness of the different methods which do stand up to modern security and compliance audits.

In a recent Attachmate European-wide survey on managed file transfer (MFT) solutions, it found that 53 per cent of companies regarded security in data transfers as their greatest challenge. The same percentage admitted that their current methods do not meet current security standards.

The survey also uncovered black spots in corporate data security policies. For example 17 per cent of the employees transferring data admitted not knowing who to contact should an error occur during transfer. More worryingly, 64 per cent said their company does not have a uniform approach in place for data transfer.

Clearly, failure to have a uniform strategy leaves gaping holes within your security protocols. Simple solutions can be implemented in order to fill these gaps and ensure files are safely transferred. For instance, one area this has particularly strong security ramifications for and is too often overlooked by employees is the lack of urgency and protection of transferring files over the internet.

A good tip is to make sure employees are aware of the value of data and that it is worth protecting within the corporate network as it moves across the internet. Simply encrypting the files for transfer and authenticating the identity of transfer partners will prevent most threats and ensure that only intended recipients will have access to the data.

Other practical solutions that can help prevent security issues are clearly identifying the person designated to oversee data transfers. It is also prudent to make sure an additional employee is familiar with the company's protocols too. In many instances IT personnel overestimate knowledge, whereas in reality many employees are confused by things such as anti-virus proceĀ­dures or how to encrypt or decrypt data. This can be easily rectified by company training days, making sure that everyone knows the company's procedures.

Often the problem lies within FTP itself. This uncertainty with FTP has meant companies are increasingly looking to managed file transfer solutions to assist in their efforts to pass audits related to the privacy and security of data.

MFT solutions are a secure, easy and a cost-efficient way to transfer data. They can be automated and are easily integrated within a cross-platform network and make data transfer processes reproducible and will hold up in audits of corporate IT.

As the practices and procedures around file transfers are getting more rigorous and complicated, having a system that is highly automated and keeps track of where and when your files have been moved is an ideal way to conserve precious resources and increase productivity.

Consequently, if a company makes a lot of transfers they should be reviewing their solution and practices. FTP and other legacy data transfer systems have too many security flaws and leaves companies at risk. Educating staff about company protocols, ensuring there is a uniform policy in place and simply encrypting data, will help to reduce the security threats.

However, the most effective way to reduce the administrative burden and improve issue resolution times for IT operations teams is to utilise MFT solutions.

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events