Secure File Transfer Strategy
– According to Bill Ho, president of Biscom:
Any investment in a security-centric application that involves sending confidential information outside an organization’s borders must be vetted from both a business as well as a technology perspective.
The increased need in today’s global economy to transfer and collaborate on large files or sensitive documents with external individuals and groups has motivated users to demand better, more manageable file transfer solutions. These solutions must be easy to use and satisfy the increasing security concerns and regulatory requirements which many companies face. Healthcare, financial services, education, government agencies, and many other segments have stringent data delivery and sharing needs. In organization that don’t have a way to share sensitive information in a secure manner, users may be resorting to methods that are unsecure, incapable of being tracked, slow, expensive, or require significant IT time and attention. Email, FTP, consumer file synchronization tools, and overnight services may not meet the security, data payload, speed, cost, and reporting requirements that companies call for.
Ideally, a secure file transfer (SFT) solution will require very little training, have minimal impact on existing user behavior, and operate transparently to speed the adoption of any new processes or policies. Identifying the groups and individuals who regularly interact with external parties (customers, partners, consultants, contractors, etc.) and who would benefit from a SFT solution is the first step in the requirements phase of selecting a SFT vendor. Understanding the types of files and documents that will be shared is a second step to ensure that the confidentiality and file sizes being transferred are supported by the SFT solution. Documents that include personal information such as social security numbers, financial data, and other personally identifiable or confidential information can be sent safely and securely via SFT without the vulnerability inherent in email and FTP. Files that may exceed email attachments limits are also prime candidates to be sent through SFT solutions.
Above and beyond meeting security requirements, the business benefits of SFT include:
• Providing an easy and self-service application for non-technical users;
• Cost savings over other methods such as overnight deliveries;
• Productivity gains from time savings for both the user and IT; and
• Tracking and reporting capabilities for compliance and auditing purposes
Any new system or process introduced into a company’s technology infrastructure must work well with existing applications, support integration with legacy applications, adhere to existing security designs, scale to support small departments to large or organization-wide deployments, and leverage existing infrastructure when possible, such as virtualized environments, enterprise storage systems, and Web components already in place. Support for web and mobile apps is important for remove workers and frequent travelers.
When evaluating any technology, the emphasis should be on solutions that adapt to an existing infrastructure, and not on applications that require significant systems re-architecture and design modifications to meet the application’s requirements.
About the author:
Bill Ho brings more than 20 years of Internet and software experience in the technology field to his position as President at Biscom. Bill received a BS from Stanford University and an MS from Harvard University, both in the field of Computer Science.