Why FTP/SFTP is Insufficient
While the technology is dated, many companies continue to use FTP to transfer files internally and externally. As a free solution, many companies do not realize the risks associated with this type of file transfer. So the question to ask is, “Is FTP really free?”
FTP is not a secure method for transferring your data, whether internally or externally. What is the cost of losing your clients’ or partners’ data to your business? What is the cost of paying penalties for not meeting compliance requirements? Besides the financial implications, companies should also consider the effect of lost or delayed data on its reputation. As the public and businesses become savvier to the potential threat, FTP is quickly becoming an obsolete method of data transfer. Free file transfer
Many vendors promote SFTP (secure file transfer protocol) solutions. The data is transferred through SSH, a network protocol that allows data to be exchanged using a secure channel. While SFTP offers a minimal amount of security, it still compromises both your data’s confidentiality and integrity. SFTP has inherent design flaws that are making this seemingly secure method of transfer as obsolete as FTP.
The solution to protecting and transferring sensitive or mission-critical data securely is Managed File Transfer (MFT). Managed File Transfer solutions provide a greater level of security, meet strict regulatory compliance standards and give you the reliability you need in a data transfer solution. The key to minimizing risk to your corporation is to deploy a secure and compliant MFT solution that enables you to track all data movement across the organization from a single point.
Security and Compliance
Many federal regulations are making MFT not only a better option, but the only option. Data transfers are often performed by a myriad of file transfer products that vary widely in terms of robustness, security and audit capabilities. All efforts to provide an end-to-end view fail as long as file transfers are processed separately using different technology.
As the enterprise-wide deployment of legacy file transfer products is cost prohibitive, most organizations are riddled with file transfer products, tools and utilities that cannot interoperate. With the amount of data transferred by organizations increasing everyday, it is imperative to standardize on a modern, cost-effective solution that adheres to current security and audit requirements including:
• Sarbanes-Oxley Act (SOX)
• Gramm-Leach-Bliley Act (GLBA)
• Health Insurance Portability and Accountability Act (HIPAA)
• Health Information Technology for Economic and Clinical Health Act (HITECH)
• Payment Card Industry (PCI) Compliance
MFT solutions address all of these regulations and provide greater functionality, not only for security and compliance, but also by providing file transfer transparency throughout your entire organization.
Another issue driving the market to evaluate a MFT solution is data breaches. Data security breaches occurring at reputable corporations with large IT budgets have become an increasingly common occurrence. Too many organizations underestimate the issues with data transfer, lacking a full understanding of how data moves internally throughout their enterprise and how data is exchanged with their business partners.
With an increasing number of data breaches worldwide, many companies are asking themselves if FTP/SFTP solutions are worth the risk despite the no-to-low cost. According to the ITRC’s (Identity Theft Resource Center) 2009 Breach List Report, “only 2.4% of all breaches had encryption or other strong protection methods in use. Only 8.5% of reported breaches had password protection. It is obvious that the bulk of breached data was unprotected by either encryption or even passwords.”