Digital transformation? Start by consolidating your data transfers

Digital transformation? Start by consolidating your data transfers

Starting your digital transformation is a daunting prospect. It is no secret that success is hard to achieve; researchers at the likes of MIT have proved it! Yet there is a simple starting point, which will get your project off on the right track. We recommend reviewing your data transfer processes and systems first. They tend to underpin most – if not all – of your operational processes, so you will quickly see opportunities to consolidate systems, whilst getting a great overview of what is in scope.

Your review should include, but not be limited to, the following:

  • Existing FTP / SFTP servers;
  • Managed File Transfer solution;
  • Home grown solutions, particularly unmanaged scripts;
  • Ad hoc employee file sharing.

If you already have an MFT solution, we almost guarantee you will spot opportunities to consolidate many of these disparate systems and processes. And if you don’t have one, you will quickly start to see the benefit. There’s the immediate cost savings, plus many more opportunities for efficiencies in the long run. You will also benefit from increased security and visibility, with MFT providing a ‘single pane of glass’ view across all your incoming and outgoing file transfers, plus integration with other security tools such as AV and DLP.

MFT’s data integration capabilities allow you to extend the life of legacy systems, whilst integrating with new cloud-based applications. You keep your options open for future expansion, whilst facilitating the immediate benefits of digital transformation.

Here are the five top ways this technology will drive your digital transformation:

  • Empower employees with an accessible working environment;
  • Gain visibility of all data within and beyond the organisation, enabling data-driven decision making and easier governance;
  • Digitise your processes, including system-to-system, system-to-person, person-to-system and between people. This frees up time for employees to spend on value-add or mission critical work, whilst improving security;
  • You can select the best possible technology for each requirement then integrate between systems using APIs, rather than compromising on a product because it offers the out-of-the-box connectivity you need. You can also easily integrate new technologies as they become available;
  • Capitalise on the benefits of a cloud-based infrastructure, moving files to and from the cloud securely and integrating with applications to deliver onward business processes.

More on MFT and Digital Transformation

You can find out more about this technology in our White Paper, Enablers of Digital Transformation: MFT & Data Integration. You will get a clear understanding of the role Managed File Transfer plays in delivering all aspects of your data strategy, improving operational processes and security by integrating business applications.

Need further expertise? Download our FREE resources

Personal data transfers across international borders: What changes with Brexit?

Personal data transfers across international borders: What changes with Brexit?

eu-data-protection

There’s a lot of uncertainty about how and when the UK will leave the EU. This blog and downloadable guide help businesses prepare for handling personal data in the event of a no deal.

Businesses moving personal data in or out of the UK currently do so under the EU’s General Data Protection Regulation (GDPR) and UK Data Protection Act 2018. The GDPR offers harmonised data protection rules, and regulates data transfers from the EU to the rest of the world.

If the UK leaves the EU without agreeing arrangements for data protection – ie: in a no deal Brexit – there would be no immediate change in the UK’s own data protection standards. This is because the Data Protection Act 2018 would remain in place and the EU Withdrawal Act would incorporate the GDPR into UK law to sit alongside it. However when organisations transfer data into the UK, there are some changes you need to be aware of.

We’ve been in contact with the Department for Business, Energy and Industrial Strategy and have produced a downloadable guide to help businesses prepare in the event of a no deal exit from the EU. The key points are summarised below.

Regardless of whether your business is affected, we would strongly urge you to review how you transfer personal data. Nearly one year on from when the GDPR came into force, there are still many businesses out there emailing personal data, using consumer grade transfer tools and other processes that risk a compliance breach.

Summary

  • The same stringent regulation will remain in place to protect UK residents’ personal data being transferred to the countries either within the European Economic Area (EEA) or beyond.
  • Organisations based in the EEA can transfer data to the UK, as long as they make alternative safeguards in line with GDPR.
  • Organisations elsewhere in the world will need to comply with their own data protection regulations in order to transfer data to the UK. Arrangements are being made with countries who have an EU adequacy agreement (deemed adequate), but if countries don’t deem the UK adequate by the time we leave the EU they will need to make use of alternative mechanisms in their own law in order to continue to transfer personal data to the UK.
  • There are specific recommendations for UK businesses providing goods or services in the EU/EEA but without a presence in an EU Member State, or with headquarters in the UK but with operations in the EU and processing personal data across EU/EEA borders.

For more information, download the resource – Data protection guidelines for businesses in a no-deal exit from the EU – from the Pro2col resource portal.

 

If you have any questions about how to transfer personal data, our experts can help you. Get in touch now to arrange a call. We have been providing secure data transfer solutions to businesses for over 15 years, transforming their infrastructure, increasing productivity, collaboration, data security and streamlining processes.

Need further expertise? Download our FREE resources

Will ADLP improve the security of my file transfers?

Will ADLP improve the security of my file transfers?

Is it possible to stop users from accidentally leaking personal or sensitive information, or to prevent malware being sent from a trusted partner, without completely disrupting the business processes?

Adaptive Data Loss Prevention (ADLP) adds an additional layer of security to your MFT solution, detecting sensitive data, then carrying out a range of complex onward actions.

“ADLP can detect and modify the data, rather than just blocking the whole file,” explained Clearswift’s Pre-Sales Engineer Steve Jeffery, whose product integrates with Managed File Transfer solutions to scan data entering or leaving the business in automated workflows and ad hoc person-to-person file sharing.

“The Clearswift SECURE ICAP Gateway (SIG) integrates with the MFT ICAP interface to enable the content inspection. This detects certain data from key words or patterns – such as credit card numbers, personally identifiable data, healthcare details, or a more complex examination for Intellectual Property. The results of the inspection are then passed back to the MFT workflow, which will determine what happens next.”

Steve Jeffery, Pre-Sales Engineer at Clearswift

Onward actions might include:

  • Returning the file to the original sender;
  • Quarantining the file and sending an email alert so it can be manually reviewed;
  • Redacting data, eg: replacing digits in credit card data with XXXX.

““It works in reverse too for unwanted data acquisition,” explained Steve. “We worked with a hotel to reject incoming credit card data, which customers sometimes emailed in. The technology detected the data, returned it with the data redacted, and directed the customer to a secure payment portal.”

Some other use cases include:

  • Removing metadata in a document history. This is particularly useful for ad hoc person-to-person transfers, where a document has been updated multiple times. An updated proposal for a new customer, for example, may still contain data relating to a previous customer in the document history;
  • The anti-malware component will remove macros in a document, which can contain malicious code.

Integrating your MFT with Adaptive Data Loss Prevention technology will secure the entire flow of data in and out of your business. It does this without halting business operations when something is detected. It supports compliance with the GDPR and other requirements.

Not all MFT products support this integration. If you would like to discuss whether yours does, please get in touch. You can contact us via the web form, or call 0333 123 1240.

Need further expertise? Download our FREE resources

PGP encryption

PGP encryption

To PGP or not to PGP? That is the question several customers have asked us recently. This blog post summarises everything you need to know about PGP encryption, so you can make an informed decision about whether it is right for you.

PGP stands for ‘Pretty Good Privacy’. It is an asymmetric encryption, which means it uses public and private keys to encrypt and then decrypt cipher text. It requires more work than symmetric encryption, which uses a shared key, but is generally considered better security.

PGP provides end-to-end encryption, integrity checking and authentication. It is commonly used for encrypting and decrypting texts, files, directories and whole disk partitions.

 

PGP Encryption: How does it work?

Asymmetric encryption uses two different keys to encrypt and decrypt each file, then two more keys to sign and verify each file. Both parties – sender and recipient – need to exchange their public keys before any transfer can take place.

The sender encrypts the file using the recipient’s public key. The recipient decrypts the file using their private key.

For integrity checking – to make sure the content hasn’t been tampered with – the sender uses their private key to ‘sign’ the encrypted file. For authentication – to check the sender is the sender you think it is – the recipient uses the sender’s public key to verify/validate the sender.

 

PGP and your file transfer solution

PGP Clients will manage the encryption/decryption automatically and are often implemented in FTP servers or as email client add-ons to secure the communication. The exchange of the public keys, however, will always be a manual process.

Any security is only as strong as its weakest point. Security-conscious organisations will usually physically exchange keys via a courier service, and set keys to expire (this is a bit like a password which expires and needs to be reset by the security team). But – as you will have gathered – the process of exchanging keys is time consuming. Most applications provide advance notice about expiring keys, so administrators can plan for the exchange to take place in advance.

Some applications allow you to create sub-keys with pre-configured expiry dates, so that you can plan ahead and have several years of automatic key replacement, avoiding potential outages. We know of some Managed File Transfer solutions that manage this process very effectively.

 

When to use PGP

PGP provides encryption at rest or can be used to protect a file at a particular stage in an otherwise non-encrypted workflow.

Let’s look at a recent example we discussed with a customer who had a PGP requirement for an accounts process. They needed to put files into a specific folder, where they would be PGP encrypted, then moved to another folder to be collected by the bank. This would by-pass a charge that the bank would otherwise make for the processes.

This requirement was driven by the fact that the bank used PGP, and the businesses needed to comply in order to save money.

The advantages of PGP:

  • Security is the big plus. PGP is generally considered more secure than symmetric encryption.
  • Even if the channel transmitting the files becomes compromised, the private keys and files remain safe. Similarly, they are safe if the channel used to share public keys is compromised.
  • Signing files is a built-in procedure, automatically authenticating the sender’s identity.

 

Disadvantages:

  • End users need to exchange keys and use their encryption technology correctly. They often accidentally send their PRIVATE keys to each other.
  • Slower performance than symmetric encryption.

Next steps

If you need to know more about secure file transfer protocols, encryption, or any other aspects of working with a Managed File Transfer (MFT) solution, take the Certified File Transfer Professional (CFTP). It is the only vendor-independent file transfer certification, equipping you with the knowledge you need to implement secure file transfer in your organisation.

Alternatively, if you are investigating which solutions have PGP capabilities, opt for our free MFT Comparison Service. Answer a series of questions about your requirements and our experts will recommend the best solution.

Need further expertise? Download our FREE resources

Choosing the right Managed File Transfer protocol

This blog post answers your questions about Managed File Transfer protocols. Which are the most widely used file transfer delivery protocols? Which should you be using and how do you identify which solution uses which protocols?

A protocol is the set of rules that determines how files are transferred from one computer to another, through a network. That might be an internal network (from one computer to another within the same network) or more commonly a Wide Area Network such as the internet.

The nature of your data and its destination will determine the right protocol for the transfer. For example, personally identifiable data and credit card information will need a secure protocol.

BASIC PROTOCOLS

FTP
(File transfer protocol)

How can it be used?

Upload/download files
Rename and delete files
Create/delete folders
Execute custom commands on server
Check integrity of files

When can it not be used?

X Secure data at rest
X Secure data in transit (FTPS can)
X Work over just one firewall port
X Provide strong authentication

FTPS
(“FTP Secured” using SSL)

 Secure data in transit
Upload/download files
Rename and delete files
Create/delete folders
Execute custom commands on server
Check integrity of files
 Provide strong authentication

X Secure data at rest
X Work over just one firewall port

SFTP
(“Secure FTP” using SSH)

Secure data in transit
Upload/download files
Rename and delete files
Create/delete folders
 Provide strong authentication
Work over just one firewall port (22)

X Secure data at rest
X Check integrity of files
X Execute custom commands on server

SCP
(“Secure CoPy”)

Secure data in transit
Upload/download files
Work over just one firewall port (22)
 Provide strong authentication

X Rename and delete files
X Create/delete folders
X Check integrity of files
X Execute custom commands on server

ADVANCED PROTOCOLS

HTTP
(HyperText Transfer Protocol)

HTTP CAN ALWAYS
Download files
Work over one firewall port (80)

HTTP CAN SOMETIMES
Upload files
Rename and delete files
Create/delete folders
Execute custom commands on server
Check integrity of files

Secure data at rest
X Secure data in transit (HTTPS can)
X Provide strong authentication

HTTPS
(HTTP Secured with SSL)

HTTPS CAN ALWAYS
✓ Download files
✓ Work over one firewall port (443)
✓ Secure data in transit

HTTPS CAN SOMETIMES
– Upload files
– Rename and delete files
– Create/delete folders
– Execute custom commands on server
– Check integrity of files
Provide strong authentication

Secure data at rest

WebDav

WEBDAV CAN ALWAYS
Download/upload files
✓ Rename and delete files
✓ Create/delete folders
✓ Work over one firewall port (443)
✓ Secure data in transit

WEBDAV CAN SOMETIMES
 Provide strong authentication

Secure data at rest
X Execute custom commands on server
X Check integrity of files

EMAIL PROTOCOLS

SMTP
To send mail

Push files as attachments
✓ Be secured with SSL/TLS
✓ Often uses ports 25, 465 or 587

Pull files from other servers

POP3
To get mail

Pull files from servers as attachments
Delete original email from servers
Be secured with SSL/TLS
Often uses port 995

X Push files as attachments
X Synchronize email folder contents
X Not supported in all email environments
POP3 is becoming obsolete

IMAP
To get mail and sync mail folders

Pull files from servers as attachments
✓ Delete original email from servers
✓ Synchronize email folder contents
✓ Be secured with SSL/TLS
Often uses port 993

Push files as attachments
X Be trusted if its key mailbox is also accessed interactively

Which Managed File Transfer protocol?

Guidance on what constitutes a secure protocol will change, adapting to stay one step ahead of cybercrime. That’s why it’s important to choose a vendor that releases regular product updates. With Pro2col’s free Managed File Transfer comparison service, you submit your requirements via a questionnaire. Our experts compare them against the different solutions and recommend the right product for you. Our experts consistently review the marketplace and only select credible solutions from credible vendors, who provide excellent support and regular software updates.

Interested in a file transfer solution?

Pro2col Cyber Essentials certification

Pro2col growth continues with achievement of Cyber Essentials certification

Pro2col Ltd have received Cyber Essentials certification, recognising our ongoing commitment to security and data protection.

“As Pro2col becomes more widely recognised for our niche expertise in data transfer and file sharing technology, we are servicing larger organisations. It is important that our already rigorous security standards are formally recognised, and we are delighted to have achieved this certification.”

James Lewis, Pro2col Managing Director

This badge reassures customers that an organisation takes cyber security seriously and will protect their data. It is issued by Bureau Veritas who are a trusted testing, inspection and certification body. You can see Pro2col’s Cyber Essentials certificate of assurance online.

This achievement comes just a few months after Pro2col secured ISO 9001:2015 certification, recognising our commitment to customer service and quality.

About Pro2col

Pro2col are independent consultants, specialising in hybrid integration platforms and secure data transfer and collaboration technology, support and professional services since 2004. We have deployed over 750 solutions for a range of different industries across 30 countries. Companies use this technology to automate regular transfers, send large files, secure data, replace home-grown scripts, move data to and from the cloud and integrate with other systems.

Could your organisation benefit from this technology? Find out more about Pro2col’s products and services. Alternatively complete the Managed File Transfer comparison and receive a free software recommendation based on your organisations unique requirements.

Interested in a file transfer solution?