Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

8/11/2011
11:31 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Survey Shows Increased File Transfer Adoption With Alarming Absence Of Security

Organizations of all sizes using multiple managed file transfer solutions and unsuccessfully balancing the goals of low cost and ease of use with IT visibility and data security

SEATTLE – August 9, 2011 – New market research on managed file transfer (MFT) usage and challenges shows utilization of file transfer solutions across companies of all sizes but growing issues surrounding cost, security, increasing file size and management. While security was clearly stated as the top challenge, the far majority of organizations surveyed also use FTP, an insecure protocol, more than any other transport method. The survey of some 250 IT and business managers, conducted by Hubspan, was vendor agnostic and designed to show key trends and challenges in the overall MFT market.

An overwhelming 77 percent of survey respondents use a file transfer solution to exchange information with both internal and external communities, with 66 percent of companies conducting file transfer transactions every day. Survey results also show that IT controls or approves file transfer in over 70 percent of organizations. However, the use of FTP (over 70 percent) as the primary means for file transfer illustrates the lack of security and compliance with employee file transfers, which can leave companies vulnerable to data loss and regulatory issues. When asked what protocol companies would prefer to use, FTP preference falls to 20 percent with SFTP, FTPS and HTTPS scoring top choices.

“This research validates what we consistently see, which is that managed file transfer is a critical process in virtually every organization, but one that needs to be raised to the level of other IT solutions in terms of security, visibility and auditing. While FTP replacement remains a difficult thing to achieve in many organizations, it is necessary,” said Michael Osterman, messaging expert and principal at Osterman Research. “The fact that most organizations employ multiple file transfer solutions, sometimes without IT’s blessing, adds to the problem, including additional IT management requirements and loss of visibility into the file transfer process.”

The top security concerns ranked by respondents included the interception of file transmissions, data encryption levels, user authentication, and back-up and storage. One respondent noted that his greatest issue was “getting rid of FTP completely.”

Key survey findings include:

More than 75 percent of companies surveyed use a file transfer solution today and of those who do not currently, nearly 40 percent plan to implement one.

The majority of companies surveyed primarily transfer files under 100 megabytes (43 percent), but two percent of respondents transfer files over 50 gigabytes in size.

Organizations are transferring files with internal people and systems (69 percent) and with multiple external communities, including customers (68 percent), partners (56 percent), suppliers (41 percent) and financial institutions (15%).

The top three greatest file transfer challenges as cited by survey respondents are: security (49 percent), file size (30 percent) and management (24 percent).

The top three criteria for selecting a file transfer solution are: cost (58 percent), security (46 percent) and ease of use (45 percent), illustrating that while security is a primary concern other factors such as cost and ease of use can distract users from the importance of security.

More than 250 organizations completed the file transfer survey, ranging in size from under 100 employees to more than 10,000 employees. Respondents represented a range of industries, with high-tech, manufacturing, wholesale distribution and healthcare accounting for over 50 percent of the polls.

Hubspan provides a cloud-based managed file transfer solution delivered as a managed service, which can be a standalone solution for centralized file transfer or part of a broader B2B business process integration. For more information on this latest market research or on Hubspan’s MFT solution, go to http://www.hubspan.com/resources/market-research/managed-file-transfer-use-and-challenges-survey-results/.

About Hubspan

Hubspan is the leading provider of cloud-scale B2B integration solutions, helping organizations streamline business processes and exchange real-time information across the B2B cloud to customers and partners. Hubspan’s flagship solution is the WebSpan SaaS Integration Platform. An enterprise-class solution, WebSpan provides a flexible, secure and cost-effective way for businesses to work together, extending existing infrastructure and supporting all applications and protocols. Thousands of organizations, from small enterprises to the Fortune 500, successfully use the platform every day for real-time B2B integration. WebSpan is available in packaged integration processes, from managed file transfer to eProcurement, Customer Integration, Advanced EDI and B2B eCommerce. For more information, go to www.hubspan.com or email [email protected] Follow Hubspan on Twitter @Hubspan.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13864
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
CVE-2020-13865
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
CVE-2020-11696
PUBLISHED: 2020-06-05
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages (community, essential, professional) in version 2.7.0 and iTop essential and iTop professional in version 2.6.4.
CVE-2020-11697
PUBLISHED: 2020-06-05
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
CVE-2020-13646
PUBLISHED: 2020-06-05
In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed to cause a denial of service (BSOD) or other unknown impact due to failure to verify the value of a specific IOCTL.