Expansive feature lists can make any( ) solution sound attractive. But what counts are the features you’ll use, and identifying them prior to actually implementing MFT can generate a storm of confusion.
While every organization should determine which features matter most to them, there are some components no MFT solution should be without. Some of those are antivirus protection, file integrity checks, and the ability to restart interrupted file transfers.
Can your current file transfer solution sniff out viruses and malware? If so, do its security features meet the high standards needed for corporate data security?
In a recent, highly publicized corporate security breach, unauthorized parties gained access to tens of millions of credit cards and data files from Target Corporation customers. And while details of the breach are still coming out, it appears that inadequate virus and malware monitoring allowed hackers to access customer data via a shared Windows drive and FTP – a classic case of conventional file transfer methods failing to protect enterprise from an attack.
As analysts have noted, MFT could have helped Target avoid the data breach by replacing insecure FTP scripts and centralizing control over automated file transfers. Antivirus protection is key to modern MFT’s underlying architecture.
How do virus and malware monitoring “work” in an MFT context? Here are some essential data security features, all of which we discuss in our white paper on eliminating insecure file transfers, that you should expect an MFT solution to provide:
• Modern encryption – MFT products should encrypt files per Federal Information Processing Standard (FIPS)-verified and Advanced Encryption Standard (AES) algorithms.
• File streaming – The demilitarized zone, or DMZ, refers to the open network across which files must travel during user-to-user and business-to-business transfers; an MFT solution should stream encrypted files across the DMZ rather than store them there in anticipation of forwarding them later.
• Comprehensive authentication and authorization – This should apply to all users, servers, clients, and databases connected to the MFT network at any time.
Conventional file transfer methods rarely even approach the level of security these features provide. Still, you should accept no less in an MFT solution – especially when securing corporate data is an organizational imperative.
File integrity & compliance
To maintain compliance, many enterprises must ensure file integrity, and your MFT solution should be able to do so in accordance with industry standards. Keeping in mind that different verticals are subject to different rules, let’s consider file integrity in the context of healthcare data, which is subject to HIPAA regulations.
While healthcare management systems often apply all necessary data integrity safeguards by default, what about data in transit from a hospital to an insurance company? How can organizations guarantee the integrity of patient files once they’ve left internal systems?
Modern MFT solutions protect file integrity by performing the following functions:
• Integrity checks – Through checksum or hashing, MFTs perform calculations for every file leaving the enterprise.
• Access controls – These prevent unauthorized parties from modifying a file before it’s transferred.
• Data encryption – A file’s contents are impossible to obtain as it crosses the DMZ.
HIPAA is just one class of regulation that requires file integrity verification, but there are many others. Organizations in the financial sector may be subject to SOX, PCI DSS, or GLBA rules, and their MFT solutions should accommodate the file integrity safeguards those laws require.
Interrupted file transfers
If there’s one MFT feature that any enterprise can get behind, it’s the ability to restart an interrupted file transfer.
Besides being outright annoying, interrupted transfers can lead to missed deadlines and damaged business relationships. Just think what might happen if an interrupted file transfer prevents a sales associate from accessing her demo files during an on-site meeting with a prospect.
Or don’t consider it. The outcome probably isn’t a happy one.
To avoid similar scenarios, automatic retries, checkpoint restarts, and guaranteed delivery should be standard components of your MFT solution. In the event of an interruption, the file transfer should restart automatically – not from the beginning, but from the precise point of failure. That way it won’t take nearly as long for the transfer to complete, which is a big deal when you’re transferring large files.
So just remember not to overlook security, compliance, and delivery features in a managed file transfer solution. They may seem like a small part of a sweeping feature suite, but they’re often the most essential components for business.
This is the seventh post in a 10-part series on managing file transfers. Read rest of the series here. Be sure to subscribe to our blog to receive the next posts.