The Second Coming of Managed File Transfer Has Arrived
Sometimes, a mature, embedded technology still makes the most sense, especially when it comes to data security.
There's a lot to be excited about in technology today. Innovations in areas such as artificial intelligence, the Internet of Things, robotics, cloud computing, data analytics, and mobility are just a few of the categories that are transforming the way we do business. And yet, even as we laud the visionaries who are working on the next big thing, there's a lot of rock-solid traditional tech taking on the day-to-day dirty work that doesn't get much attention even though businesses rely on it. Every day I am treated to an up-close-and-personal view of that world.
As vice president of engineering for a company that develops managed file transfer (MFT) technology (as do many other vendors), I know we're not in the most disruptive of segments, but I also know how many organizations rely on MFT. MFT is a foundational technology. Organizations use it to securely exchange data and efficiently execute the business-critical tasks that come under the thumb of today's complex data regulations.
These days, "regulated" organizations include most companies in all industries, not just the ones we think of first, like financial services, healthcare, and retail. Any organization that collects and stores information about people qualifies to some degree, of course. Think about the kind of information a large chain store or fast-food restaurant handles every day; whether it is human resources and payroll data or customer transactions, there's a lot at risk if those files are intercepted or compromised in some way.
There is also a growing awareness about the organizational need to protect intellectual property, especially as supply chains, distribution channels, and partner networks grow more complex. The same is true for the manufacturers that source and distribute parts and materials from all over the world, including automotive and semiconductor makers. It's not just about protecting trade secrets; it's about protecting critical business processes. The reliable, efficient, and secure flow of data is table stakes for businesses today.
Another industry that recognizes the need to jealously guard their product integrity is entertainment. Multimillion-dollar blockbuster movies, for example, rely on an efficient digital production chain — including production, post-production, and distribution — operating on tight deadlines. Files shot in a remote location may need to be shared in a collaborative environment with teams distributed around the world before final editing in a California studio. Every step of the journey necessitates the secure, reliable movement of large files containing highly sensitive, high-value information to protect investments and keep to schedule. There's simply too much at stake to cut corners.
MFT might be a mature technology — but today, it's more relevant and important than ever.
Foundational Pieces
What MFT technology does is centered on security, compliance, authentication, and integration, which are crucial in today's innovation and technology-driven environment. These are foundational pieces for organizations that understand the risks of failure and the importance of addressing those risks proactively. Whether working to satisfy regulators or demanding studio bosses, falling short of the mark means financial and reputational damage. Neither outcome is acceptable.
This isn't to say that only large, complex global organizations need worry about such things. There is no size limit for compliance. The Health Insurance Portability and Accountability Act, for example, applies to the private clinic with a country doctor and associated staff as much as it does for the regional hospital network operating a dozen bustling hospitals.
[Check out the two-day Dark Reading Cybersecurity Crash Course at Interop ITX, May 15 & 16, where Dark Reading editors and some of the industry's top cybersecurity experts will share the latest data security trends and best practices.]
Hackers, after all, aren't concerned about the size of their target if the objective is worthwhile. Many medical organizations fall into the small- to medium-sized business (SMB) category, but they deal with a lot of sensitive and high-value information. It can be a challenge to help SMBs recognize their risk and responsibility. Recently, the FBI issued a warning that hackers were targeting medical and dental offices still using unsecured file transfer protocol (FTP) servers to store and transfer protected health information and personally identifiable information.
We find that kind of situation often — the presence of a rogue FTP server operating in the dusty corner of a server room somewhere. It works, so no one has bothered to do anything to change it. Or maybe a change was made and a well-meaning employee "upgraded" to a consumer-grade file sharing service. Although it may have seemed like a good idea at the time, it could end up costing a lot in the long run.
There's a reason why consumer-based file sharing and collaboration services are so popular; they're easy to use and they work well at an attractive price point. However, when you're dealing with important business transactions that involve sensitive information, it's important to pick the right tool for the job. MFT excels with back-office integration, whereas consumer-based services don't work with most process automation structures. Add in other required and MFT-enabled tasks such as process automation, deduplication, data extraction, and other transactional integrations, and you'll find that MFT platforms can go a long way toward minimizing the element of human error — an important and overlooked part of risk-mitigation.
MFT has long been an essential element within an IT environment, but now more than ever MFT is a crucial element to managing your data securely and effectively. The age of MFT has come again.
Related Content:
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024