Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

8/11/2011
11:31 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Survey Shows Increased File Transfer Adoption With Alarming Absence Of Security

Organizations of all sizes using multiple managed file transfer solutions and unsuccessfully balancing the goals of low cost and ease of use with IT visibility and data security

SEATTLE – August 9, 2011 – New market research on managed file transfer (MFT) usage and challenges shows utilization of file transfer solutions across companies of all sizes but growing issues surrounding cost, security, increasing file size and management. While security was clearly stated as the top challenge, the far majority of organizations surveyed also use FTP, an insecure protocol, more than any other transport method. The survey of some 250 IT and business managers, conducted by Hubspan, was vendor agnostic and designed to show key trends and challenges in the overall MFT market.

An overwhelming 77 percent of survey respondents use a file transfer solution to exchange information with both internal and external communities, with 66 percent of companies conducting file transfer transactions every day. Survey results also show that IT controls or approves file transfer in over 70 percent of organizations. However, the use of FTP (over 70 percent) as the primary means for file transfer illustrates the lack of security and compliance with employee file transfers, which can leave companies vulnerable to data loss and regulatory issues. When asked what protocol companies would prefer to use, FTP preference falls to 20 percent with SFTP, FTPS and HTTPS scoring top choices.

“This research validates what we consistently see, which is that managed file transfer is a critical process in virtually every organization, but one that needs to be raised to the level of other IT solutions in terms of security, visibility and auditing. While FTP replacement remains a difficult thing to achieve in many organizations, it is necessary,” said Michael Osterman, messaging expert and principal at Osterman Research. “The fact that most organizations employ multiple file transfer solutions, sometimes without IT’s blessing, adds to the problem, including additional IT management requirements and loss of visibility into the file transfer process.”

The top security concerns ranked by respondents included the interception of file transmissions, data encryption levels, user authentication, and back-up and storage. One respondent noted that his greatest issue was “getting rid of FTP completely.”

Key survey findings include:

More than 75 percent of companies surveyed use a file transfer solution today and of those who do not currently, nearly 40 percent plan to implement one.

The majority of companies surveyed primarily transfer files under 100 megabytes (43 percent), but two percent of respondents transfer files over 50 gigabytes in size.

Organizations are transferring files with internal people and systems (69 percent) and with multiple external communities, including customers (68 percent), partners (56 percent), suppliers (41 percent) and financial institutions (15%).

The top three greatest file transfer challenges as cited by survey respondents are: security (49 percent), file size (30 percent) and management (24 percent).

The top three criteria for selecting a file transfer solution are: cost (58 percent), security (46 percent) and ease of use (45 percent), illustrating that while security is a primary concern other factors such as cost and ease of use can distract users from the importance of security.

More than 250 organizations completed the file transfer survey, ranging in size from under 100 employees to more than 10,000 employees. Respondents represented a range of industries, with high-tech, manufacturing, wholesale distribution and healthcare accounting for over 50 percent of the polls.

Hubspan provides a cloud-based managed file transfer solution delivered as a managed service, which can be a standalone solution for centralized file transfer or part of a broader B2B business process integration. For more information on this latest market research or on Hubspan’s MFT solution, go to http://www.hubspan.com/resources/market-research/managed-file-transfer-use-and-challenges-survey-results/.

About Hubspan

Hubspan is the leading provider of cloud-scale B2B integration solutions, helping organizations streamline business processes and exchange real-time information across the B2B cloud to customers and partners. Hubspan’s flagship solution is the WebSpan SaaS Integration Platform. An enterprise-class solution, WebSpan provides a flexible, secure and cost-effective way for businesses to work together, extending existing infrastructure and supporting all applications and protocols. Thousands of organizations, from small enterprises to the Fortune 500, successfully use the platform every day for real-time B2B integration. WebSpan is available in packaged integration processes, from managed file transfer to eProcurement, Customer Integration, Advanced EDI and B2B eCommerce. For more information, go to www.hubspan.com or email [email protected] Follow Hubspan on Twitter @Hubspan.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19010
PUBLISHED: 2019-11-16
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.
CVE-2019-16761
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the [email protected] npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0...
CVE-2019-16762
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any...
CVE-2019-13581
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary ...
CVE-2019-13582
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution.