Upgrading your pipes—SSH for a secure file transfer infrastructure

In the modern world where we live, constant advancement, refinement and people’s needs regularly demand infrastructure overhauls to a road, building or city, where what was reliable and efficient before, has quickly become unreliable and vulnerable to failure.

Data is the new water, secure file transfer is the new “pipe”

Even the most common and simple conceptual requirement to deliver water to and around a city requires detailed planning and foresight so that there is no interruption of service. In our world, data is the new water, and secure file transfer is a key component of any organization’s data infrastructure.

The tricky part is when deciding to make changes that any alterations made don’t cause problems further down the line.  So to use the analogy above, upgrading the water delivery pipe to the city may reveal bigger problems to a growing city infrastructure that can’t deliver the volume or may provide technical challenges of connecting new technology to old.

As we all know, change is inevitable, but it’s how we perform change that is important for success.

Old “pipes” are risky

As transaction numbers increase, databases become bigger, more intelligence is captured and regulations drive for the need to trace data. Weaknesses are exposed in the once simple system of transferring bulk information.  Therefore the evolved practices of using basic FTP, freeware, having the business units use whatever software they want or supporting many versions of the same software, are out-dated, unreliable, inefficient and insecure.

So a change of thinking needs to occur and one of the benefits of having customers who are the who’s who of the world’s business and government organisations, means we get to see what the big players are doing.

The fact is, worldwide, some of the biggest organisations are standardising their day to day, point to point, secure file transfer needs on a single high quality product…especially on their Microsoft Windows servers.

Specifically in the APAC region where I work, two major regional banks have mandated and completed the overhaul and replacement of all outdated, freeware and basic FTP products based on the following mandate.

All data files transferred internally or in and out of the DMZ, must be transferred using SSH.

Why?  Because a quality SSH product uses a standard protocol for secure file transfer that protects data in motion, adheres to compliance requirements, offers the best encryption and authentication options available and connect well to different SSH technologies and MFT environments.  This strategy as a whole has been found to reduce cost and an organisation’s risk.

Finally, a real solution for Microsoft Windows

Microsoft Windows Servers do not come standard with any secure file transfer components. This is a major concern for organisations with highly sensitive data, so one of our banks deploys SSH on every Windows Server requiring file transfer (around 40%) while the other bank, deploys SSH on every Windows Server as standard.

For Unix, since the OS often bundles a free SSH product, some organisations will standardise on this where as others prefer to deploy a fully supported product by a known vendor that will respond to service requests and requests for changes, and provide regular security updates.

For example, it is for the reasons described above that customers standardise on Attachmate’s Reflection for Secure IT (RSIT) for their SSH/SFTP File Transfer needs on Windows and/or UNIX platforms.

For the business thinkers, our customer research has found providing a single high quality product means support costs are low, a simple to manage product means maintenance costs are low, a highly secure product means the risk team are happy and deployment is simple.

“Plumbing” advice

My suggestion to the reader is to investigate how many flavors of file transfer are being used on each operating system in your organisation, are they meeting quality and security standards, and if you are paying for a bulldoser to move the data when a shovel will do just fine.

Infrastructure will always change, security will always increase and efficiencies are mandated.  It’s worth taking a look at one of the most basic functions in an organisation and that is secure file transfer, to make sure you are not left exposed and your quality of service is maintained.

Share this post:

Leave a Reply

Your email address will not be published. Required fields are marked *