- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
Network World - This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
Last October a large company revealed that an employee mistakenly sent an email to an unauthorized recipient containing the names and Social Security numbers of former employees. Six months earlier, a large Texas university accidentally exposed personal information about as many as 4,000 alumni in an electronic file accidentally attached to an email sent to one person who had requested a transcript. That's just the tip of the iceberg in insider-triggered security breaches.
In fact, a 2012 Forrester survey found that 47% of security breaches in the previous 12 months were caused by either inadvertent misuse (32%) or deliberate abuse (15%) by an insider or business partner. The problem can be traced in part to a lack of control over data sharing with conventional strategies such as email, FTP and consumer-grade cloud services like Dropbox and YouSendIt. [Also see: "Five misconceptions about file transfer security"]
An alternative that is gaining ground is managed file transfer (MFT), a technology that mitigates risk in data sharing by centrally managing, securing and tracking both ad hoc and scheduled data transfers. That includes user-to-user exchange between colleagues or with third parties such as customers; system-to-system transfers that move application data between servers; user-to-system transfer scenarios for data updates; or even desktop-to-mobile file transfers for users on the road.
[ ROUNDUP: 6 tools to manage large file transfers ]
MFT solutions offer four major data protection benefits that apply to information that moves both inside and outside the corporate firewall.
First, MFT controls every aspect of the data exchange process, enabling administrators to set rules, monitor and audit the entire enterprise data flow from a central location without the fragmentation and lack of oversight of FTP and cloud services.
Second, MFT products make it possible to restrict senders and recipients by privilege level or type of file to help ensure that data doesn't fall into the wrong hands. For example, administrators might bar groups of users from sending or receiving HR files, customer lists or CAD drawings, or prohibit those files from being sent outside the enterprise.
Third, instead of sending information in clear text, MFT adds a security layer by automatically encrypting data transfers.
Fourth, some MFT products provide direct integration with data loss prevention (DLP) products that filter messages for forbidden content, allowing even more granular control over the types of data that may be exchanged and permissible destinations.
These protections also apply to large files that exceed email attachment limitations, prompting users to resort to cloud services that cause administrators to lose both control and visibility over the file exchange process. Using cloud services also puts your data at the mercy of the provider's security vulnerabilities. In June 2011, for example, Dropbox inadvertently dropped password requirements on all accounts for four hours, exposing every user's files to the public.