Box, DropBox, YouSendit vs Managed File Transfer: How secure is your data?

Box, DropBox, YouSendit vs Managed File Transfer: How secure is your data?

File sharing applications are often free or at least cheap, simple to use and very often difficult for an IT department to trace.  This presents a major problem for the enterprise as highlighted in a recent study by Palo Alto Networks which showed that of the 1,636 enterprises surveyed, a staggering 92% of companies had an average of 13 different browser based file sharing applications in use within their network.

With recent announcements such as the DropBox security loophole and the MegaUpload service being taken down, the net is closing in on file sharing applications and services, and rightly so.  Pretty much all businesses need to share files with colleagues, customers and trading partners, but at what cost? Recent studies by the Ponemon Institute found that the average data breach costs UK firms £1.9m prompting the question, “what would be the impact of a data breach on your company”?

browser_based_file_sharing_apps

Figure 1 – Most frequently detected browser based file sharing apps

Over burdened IT departments throughout the UK are faced with the challenge of enabling their users to carry out day to day tasks, whilst ensuring that their activities don’t compromise the very future of the business they work for.  With legislation surrounding data breaches putting increasing pressure on IT departments and data controllers, the implementation of a secure, managed file transfer solution has never had a higher priority.

When it comes to providing users with a simple, secure file transfer solution, we can help.  Pro2col represents a number of managed file transfer vendors here in the UK and has 10 years experience in finding the right solution for businesses.  Whether its providing cross platform applications for Windows, Mac, Linux or Unix, mobile application integration for iPhone, Android, Blackberry or the iPad or email integration with Microsoft Outlook or Lotus Notes, we have the solution to fit.

If your company is still using online file sharing technologies ask yourself this question – which is right for my business?  A technology over which I have no control or visibility or a secure, managed file transfer solution providing guaranteed delivery, auditing and reporting capabilities and complete control.

For a free consultation contact Pro2col on 0333 123 1240 and speak to a managed file transfer specialist with no obligation.

EU Data Breach Laws Set to Toughen

EU Data Breach Laws Set to Toughen

Businesses will be required to inform authorities within 24 hours of a serious data breach according to tough new data protection rules announced during a press conference in Brussels yesterday.

data_protection“Companies and organisations must notify [authorities] of serious data breaches as soon as possible — and to me, that means within 24 hours,” said Justice Commissioner Viviane Reding.

Under the proposed law companies would also be obliged to inform all affected individuals of any data security breach, including unauthorised destruction or loss.

Under the Commission’s proposed changes to the 1995 Data Protection Directive, companies can be fined up to €1m (£830,000), or two percent of global turnover, for serious violations of the regulations. In an attempt to provide businesses with much simpler data protection administration throughout Europe, National data authorities will become the primary point of contact for companies dealing with Europe-wide data questions, and the legislation aims to provide a single set of rules for data protection across Europe.

The rules need to be approved by the EU’s member states and ratified by the European Parliament before they can come into effect.    

Should I Use Transport Encryption Or File Encryption

Should I Use Transport Encryption Or File Encryption

By Hugh Garber, Ipswitch.

This morning I was asked if I recommended using transport encryption or file encryption to protect company files and data.

My answer: “Use both of them, together!”

For starters, here’s a real quick summary of both encryption types:

Transport encryption (“data-in-transit”) protects the file as it travels over protocols such as FTPS (SSL), SFTP (SSH) and HTTPS. Leading solutions use encryption strengths up to 256-bit.

File encryption (“data-at-rest”) encrypts an individual file so that if it ever ended up in someone else’s possession, they couldn’t open it or see the contents. PGP is commonly used to encrypt files.

Hacking for password

I believe that using both together provides a double-layer of protection. The transport protects the files as they are moving and the PGP protects the file itself, especially important after it’s been moved and is sitting on a server, laptop, USB drive, smartphone or anywhere else.

Here’s an analogy: Think of transport encryption as an armoured truck that’s transporting money from say a retail store to a bank. 99.999% of the time that armoured truck will securely transport your delivery without any incident. But adding a second layer of protection – say you put the money in a safe before putting it in the truck – reduces the chance of compromise exponentially, both during and after transport.

One last piece of advice: Ensure that your organisation has stopped using the FTP protocol for transferring any type of confidential, private or sensitive information. Although it’s an amazing accomplishment that FTP is still functional after 40 years, please realise that FTP does not provide any encryption or guarantee of delivery – not to mention that tactically deployed FTP servers scattered throughout your organisation lack the visibility, management and enforcement capabilities that modern managed file transfer solutions deploy.

Original: Ipswitch File Transfer

Email Attachment Management: Facilitating Secure, Large File Transfer

Email Attachment Management: Facilitating Secure, Large File Transfer

Typically, email is the first port of call for all non-technical staff members when faced with the task of sending large documents quickly. We’re now in an age where data leaks are common place and authorities are cracking down on insufficient security policies. According to figures published by IDG Research Services, the companies that they surveyed rated email as the third highest area of concern when it came to the security of their data. The fact of the matter is, standard email is just not capable of meeting modern day security requirements. Not only this, there are other associated problems to consider when using email for large file transfer such as email attachment management, size limitations, unpredictable deliverability of files, bandwidth utilisation and storage problems.

So businesses are reacting to these issues by implementing sophisticated technologies that address these concerns – which is great – but unfortunately, this is a 1-dimensional solution to a 2-dimensional problem. Providing the facilities to send files securely is one thing, guaranteeing that all file transfers within the business are completed using these facilities is another matter altogether.

email_attachement The question is, how do you stop staff members bypassing new technologies in favour of good old trusty, familiar solutions such as email? The answer is – enable them to continue to use it. Alongside web browser upload options provided, email attachment management solutions offer plugins that can be integrated with existing email clients, to enable ground level users to attach files and send them securely via email.   The difference is that rather than filtering through email servers, large email attachments are handed off to the email attachment management solution where they are encrypted, stored and a notification email sent onto the recipient containing a secure download link to the file.

So…

  • Your confidential information remain secure.
  • You avoid the fines and penalties being enforced by authorities such as the ICO, for failing to meet security compliance legislation.
  • The reputational risk associated with loss of customer data is negated.
  • Email servers and storage systems are not overwhelmed by a mass of large data files.
  • File transfers come with a full audit trail.
  • You can be notified when a recipient downloads a file, providing accountability and more reliable file transfers.
  • Large file transfer is quick, secure and user friendly for staff, allowing them to concentrate on being productive.

Take a look at this short video to find out more about what an email attachment management solution can offer you…

If you’d like to find out more about email attachment management, Biscom Delivery Server or any of the other secure, ad hoc file transfer solutions we provide, please don’t hesitate to contact us on 0333 123 1240.

Secure Managed File Transfer: On Premise v’s The Cloud

Secure Managed File Transfer: On Premise v’s The Cloud

Everybody is talking about the cloud; its today’s hot topic with more and more organisations considering a cloud-base (hosted) solution as an alternative to their current on-premise solution.  The shift to cloud based computing is gathering pace and consequently this is an area we’ve been looking at quite closely.

So, is Cloud based secure managed file transfer for me and what are the biggest drivers behind this trend?

1.  Its cheaper! Many IT departments spend at least 50% of their budgets on salaries, and up to 70% of IT staff time is spent on maintenance, according to analysts. In-house IT specialists cost companies for IT management resource. A hosted service, on the other hand, may charge a much-reduced figure for its service along with 24–7–365 monitoring and higher uptime than many companies can achieve with on-premise staff and systems.

Managed_File_Transfer_In_The_Cloud

2.  Hosted providers can do it better. Hosting vendors store the information on their own servers and manage the entire system for you, drastically reducing the time and energy you spend on keeping your MFT up and running. A growing number of companies just want MFT isolated as an enterprise-class cloud service, with all the modern archiving, compliance and virus protection features they require along with a scalable infrastructure their IT staff never has to worry about or manage.

3. The cloud has gone mainstream. Primed for enormous growth and widespread adoption, recent research indicates that 84 percent of small and mid-size companies and 69 percent of large companies are willing to consider, currently reviewing or already using software-as-service (SaaS) solutions. A big part of this growth is a result of the increase in broadband Internet access, but another key factor is that cloud MFT vendors are making better, simpler and more affordable software that doesn’t require a technical degree to setup or use. It’s also more widely accepted as a safe alternative to on-premise solutions.

4.  Pay as you go. As budgets tighten in this tougher economic period, more and more companies are gravitating toward cloud-based solutions. With no technology to maintain, total cost of ownership is five to 10 times less than installed software, so it’s easier to budget and scale as you add and subtract users. In addition, cloud-based solutions do not require ongoing maintenance, time or complex upgrades, so what was once a capital expense becomes a more balance sheet-friendly operating expense.

As this shift to cloud based computing continues to gather pace, Pro2col is at the forefront of assessing the industries leading vendors to ensure we know which solution is right for your budget and set of requirements.

But, the Cloud isn’t for Everyone

Despite all this optimism for the cloud, we know there are plenty of situations where it may not make sense to move your MFT there. Some data may need to remain on-premise, behind a firewall for legal or regulatory considerations (e.g., HIPAA). Also, other on-premise applications (e.g., document workflows) may be tightly integrated with your on-premise MFT system, so moving your MFT to the cloud could pose challenges if you are hoping to continue coupling these solutions. Finally, many organisations may not have fully made use of their existing on-premise MFT solutions (i.e., they have already invested in it) and may not be able to easily or practically abandon it.

For independent advice on Cloud/Hosted FTP or On-Premise Managed File Transfer solutions contact Pro2col on +44 (0) 333 123 1240 or +44 (0) 1202 433 415.

Ipswitch MOVEit DMZ Managed File Transfer Review

Ipswitch MOVEit DMZ Managed File Transfer Review

scmag_moveitdmz_review (1)SC Magazine have reviewed a number of managed file transfer solutions available in the marketplace – Ipswitch MOVEit DMZ being one of them. This managed file transfer server software helps secure data in transit by encrypting various transfer protocols using industry standards.

After reviewing product attributes such as features, ease of use, performance, documentation, support and value for money, Ipswitch MOVEit DMZ was award a full 5 stars in every category and labelled as one of SC Magazine’s ‘Best Buys’. Stating no possible negative points against the solution, the overall verdict deemed MOVEit DMZ a “A flexible, web-based product which allows tight control over end-to-end file transfer security.”

See here for full details of the SC Magazine review or for more information regarding the Ipswitch File Transfer product range. Please also feel free to contact Pro2col on 0333 123 1240 to speak to one of our consultants.