A “clear text password” is a common problem in file transfer security. It is a dangerous problem because it exposes credentials that allow unauthorised individuals to act with the identity and permission of trusted individuals and systems. The problem happens in at least five different areas: Clear text password during input: This problem occurs when[..]
Deprovisioning is the act of removing access from and freeing up resources reserved by end users and their file transfer workflows. Rapid removal of access upon termination or end of contract is key to any organisation. Freeing up of related resources (such as disk space, certificates, ports, etc.) is also important, but often follows removal[..]
In file transfer, a “document definition” typically refers to a very specific, field-by-field description of a single document format (such as an ACH file) or single set of transaction data (such as EDI’s “997” Functional Acknowledgement). Document definitions are used in transformation maps and can often be used outside of maps to validate the format[..]
EAI is short for “Enterprise Application Integration”, a methodology which balances seamless experience across heterogeneous enterprise applications and datasets of various origins, scope and capability with the need to make major changes to those applications or datasets.
Enterprise Application Integration (“EAI”) is a methodology which balances seamless experience across heterogeneous enterprise applications and datasets of various origins, scope and capability with the need to make major changes to those applications or datasets. Today, EAI often uses ESB (“Enterprise Service Bus”) infrastructure to allow these various applications to communicate with each other. Before[..]
An Enterprise Service Bus (“ESB”) is a modern integration concept that refers to architectural patterns or specific technologies designed to rapidly interconnect heterogeneous applications across different operating systems, platforms and deployment models. ESBs include a set of capabilities that speed and standardise a Service-Oriented Architecture (“SOA”), including service creation and mediation, routing, data transformation, and[..]
ESB is short for “Enterprise Service Bus”, a modern integration technology used to quickly tie heterogeneous applications across different operating systems, platforms and deployment models.
External authentication is the use of third-party authentication sources to decide whether a user should be allowed access to a system, and often what level of access an authenticated user enjoys on a system. In file transfer, external authentication frequently refers to the use of Active Directory (AD), LDAP or RADIUS servers, and also refer[..]
A file transfer protocol that is “firewall friendly” typically has most or all of the following attributes: 1) Uses a single port 2) Connects in to a server from the Internet 3) Uses TCP (so session-aware firewalls can inspect it) 4) Can be terminated or proxied by widely available proxy servers For example: Active-mode FTP[..]
The term “FTP with PGP” describes a workflow that combines the strong end-to-end encryption, integrity and signing of PGP with the FTP transfer protocol. While FTPS can and often should be used to protect your FTP credentials, the underlying protocol in FTP with PGP workflows is often just plain old FTP. BEST PRACTICE: (If you[..]
In file transfer, a “map” is usually short for “transformation map”, which provides a standardised way to transform one document format into another through the use of pre-defined document definitions. See “transformation map” for more information.
In file transfer, a “mapper” is a common name for a “transformation engine” that converts documents from one document definition to another through “transformation maps”. See “transformation engine” for more information.
Message-Oriented Middleware (“MOM”) is software that delivers robust messaging capabilities across heterogeneous operating systems and application environments. Up through the early 2000s MOM was the backbone of most EAI (“Enterprise Application Integration”) inter-application connectivity. Today, that role largely belongs to ESB (“Enterprise Service Bus”) infrastructure instead.
Middleware is a software architecture concept that refers to integration of disparate applications to facilitate reliable communication. Middleware frequently relies on encapsulating inter-application communications in the concept of a “message”, and often has the ability to queue or perform optimized delivery or copying of messages to various applications. Common types of middleware include EAI (“Enterprise[..]
In the context of file transfer, MOM stands for “Message-Oriented Middleware”, which is software that delivers robust messaging capabilities across heterogeneous operating systems and application environments.
Non-repudiation (also “nonrepudiation”) is the ability to prove beyond a shadow of doubt that a specific file, message or transaction was sent at a particular time by a particular party from another party. This proof prevents anyone from “repudiating” the activity: later claiming that the file, message or transaction was not sent, that it was sent[..]
OLA is an abbreviation for “Operating Level Agreement”, which is a type of internal agreement between departments that makes it possible for file transfer operations to achieve their SLAs (Service Level Agreements). See “Operating Level Agreement” for more information.
To onboard a user or onboard a partner is to set up all the necessary user accounts, permissions, workflow definitions and other elements necessary to engage in electronic transfers of information with those users and partners. Automatic onboarding of users or partners usually involves external authentication technology of some kind. When that technology involves particularly[..]
The term “package” can mean different things in different file transfer situations. “Installation package” – A file that contains all the executables, installation scripts and other data needed to install a particular application. This file is usually a compressed file and is often a self-extracting compressed file. “Package sent to another person” – Very similar[..]
Provisioning is the act of adding access to and allocating resources to end users and their file transfer workflows. It is often used interchangeably with the term “onboarding”. The act of provisioning should always be audited, and the audit information should include the identity of the person who authorized the act and any technical actions[..]
QOS stands for “Quality Of Service”. See “Quality of Service” for more information.
Quality of Service (or “QOS”) is the ability to describe a particular level of service and then intelligently allocate resources to reliably provide that level of service. A common example of general QOS capabilities is found in the “traffic shaping” features of routers: different types of traffic (e.g., web surfing, videoconferencing, voice, etc.) share a[..]
Self-provisioning is the ability for individual end users and partners to set up (or “provision”) their own accounts. Self-provisioning is a common element of most cloud services but remains relatively rare in file transfer applications. A major difference between those environments is that self-provisioning in cloud services usually involves linking a credit card or other[..]
A file transfer service level agreement (SLA) establishes exactly what a particular customer should expect from a particular file transfer provider, and how that customer should seek relief for grievances. A file transfer SLA will often contain the following kinds of service expectations: Availability: This expresses how often the file transfer service is expected to[..]
SLA is an abbreviation for “Service Level Agreement”, which is a specific contract between a customer and a provider that lays out exactly what each side can expect from the other. The minimum amount of work and minimum level of due care that a file transfer operations team is responsible for is often determined[..]
A translation engine is software that performs the work defined in individual transformation maps. The transformation engines that power transformation maps are typically defined as “single-pass” or “multiple-pass” engines. Single-pass engines are faster than multiple-pass engines because documents are directly translated from source formats to destination formats, but single-pass engines often require more manual setup[..]
A transformation map (or just “map”) provides a standardised way to transform one document format into another through the use of pre-defined document definitions. A single transformation map typically encompasses separate source and destination document definitions, a field-by-field “mapping” from the source document to the destination, and metadata such as the name of the map,[..]
In file transfer, a “translation engine” is a common name for a “transformation engine” that converts documents from one document definition to another through “transformation maps”. See “transformation engine” for more information.
A transmission window is a window of time in which certain file transfers are expected or allowed to occur. Transmission windows typically reoccur on a regular basis, such as every day, on all weekdays, on a particular day of the week, or on the first or last day of the month or quarter. Most transmission[..]