MFT transforms mortgage application process

MFT transforms mortgage application process


This use case explains how a mortgage provider used Managed File Transfer (MFT) to simplify the review and acceptance of an application. MFT completely transformed this complex process, using automation, streamlined security and more user-friendly steps for the applicant and solicitors.



A lengthy and complex mortgage application process

Previously, after a fact-find with a mortgage adviser, the completed documents would be zipped up, password protected and emailed to the applicant. The applicant would need to call in to be told the password, then would print, sign and return the form, along with proof of ID, details of income and other documents.

The mortgage adviser would receive it and then send it on to the underwriter to be approved or declined.

Once the underwriter had approved the offer, they generated an offer document, which was stored on an internal system.

Another member of staff would need to download the offer from that system, create a zip file, password protect it and then email it to the applicant and their solicitor. Both would need to call the company to get the password to access the offer document.


Streamlining the process with MFT

Using MFT’s secure email functionality, secure online forms, automated workflows and secure folders, the IT team were able to completely transform this complex process.

  • After the initial fact find, the mortgage advisor now emails the documentation directly to the applicant easily and securely, using MFT’s secure email functionality.
  • The applicant e-signs the form.
  • The email contains a unique link to a secure online form on the company website, where they upload and submit their signed form and other documents (proof of ID, income etc).
  • These documents then enter an automated workflow to be scanned for viruses and then moved to the correct folder on the network.
  • The underwriter receives an email notification, so they can review the files and accept or decline the application.
  • Once manually approved, the workflow continues, generating an offer document and transferring it to a secure folder, which can be accessed by the applicant and their solicitor.

This process saves time, reduces the complex steps and is far more customer-friendly. The mortgage advisor spends less time on manual processing and has more time to add value to applicants. The underwriter can review more applications more quickly, enabling the business to become much more efficient.

If you would like to find out whether MFT is the right solution for your business, see our online guide to MFT. This includes links to a range of free downloadable resources.

Need further expertise? Download our FREE resources

Secure file sharing: Don’t risk a breach from sharing personal data

Secure file sharing: Don’t risk a breach from sharing personal data


When businesses think about cyber security, their thoughts usually jump to phishing scams, malware or other deliberate theft or sabotage. Yet every day businesses are breaching their own security policies and risking compliance. The cause is employees sharing personal data via email or consumer-grade file sharing apps. These aren’t the right tools for the job, so it’s essential to equip staff with secure file sharing technology and knowledge to protect your organisation’s data.



Email is one of the biggest problems. Businesses rely on it so much to communicate back and forth, that employees often send things without thinking. Attaching a customer file or patient record is an easy mistake to make. But, in a typical email setup, the servers don’t encrypt the email attachment, so it is not secure. That may constitute a breach of the General Data Protection Regulation (GDPR), the risk of a fine and damage to your reputation.

Email doesn’t provide any guarantee of delivery either, or visibility of the transfer, which is another must for compliance.


File sharing apps

If a member of staff needs to send a large file and it’s too big to attach to an email, they often jump onto a file sharing application like WeTransfer or Dropbox. But consumer-grade applications lack in-built security. Again, there’s no audit trail of the transfer and you end up with multiple versions of files sitting in various locations, which no one else can access to wipe if that member of staff leaves. Not all of these solutions will confirm where a file is held either so you may have data stored outside of the EU.


Secure file sharing

Anything including sensitive, personal or valuable data – like company IP – needs to be handled very carefully. Our advice is to add a secure file sharing solution to your IT infrastructure, to encrypt and securely transfer files. These are sometimes called secure email, ad hoc, or Electronic File Sync and Share (EFSS) solutions.

Most will provide a plug-in to your email client, which makes it easy to use and accessible. Some can be configured to automatically secure emails under certain conditions based on your IT security policy, so employees don’t even need to know it’s there. There are no file size limits either, and IT maintain a full audit trail. These solutions often support file collaboration between your employees and external partners too, which is an added bonus.

Full features of a secure file sharing solution include:

  • Access control / permissions
  • Secure data wiping
  • Secure protocols (HTTPS and sometimes SFTP & FTPS)
  • User authentication
  • Auditing and reporting
  • Encryption of files (PGP or AES)
  • Administrator overview
  • Data residency within the EU


If you think you need a secure file sharing solution, our free bespoke software comparison service will save you weeks of research time and identify the right solution for you. It is informed by over 15 years’ experience delivering secure file transfer solutions, a deep understanding of user needs and continuous review of the multiple vendors on the market.

You complete a series of questions about your current and future business requirements, and receive a bespoke report from our technical consultants recommending the best solution for your needs and budget. You can either complete the ad-hoc or Managed File Transfer (MFT) service, depending on what you need the solution to deliver.


Use this service if you are looking to address person-to-person file sharing only, as outlined in this blog.


Use this service if you also need to automate transfers and integrate between applications.

Need further expertise? Download our FREE resources

Three big things wrong with the Software Reviews Info-Tech MFT Data Quadrant

Three big things wrong with the Software Reviews Info-Tech MFT Data Quadrant

There’s been a lot of talk in the Managed File Transfer (MFT) space about the recent Software Reviews Info-Tech MFT Data Quadrant. The report claims to ‘provide a comprehensive evaluation of popular products in the Managed File Transfer market’.

As independent MFT experts with over 15 years’ experience reviewing products, we wanted to provide our take on this report. Our advice is very clear. This is not an accurate representation of the market, and here’s why.


Pictured: Info-Tech MFT Data Quadrant, from HelpSystems website.

1. Definition of MFT

Info-Tech’s understanding of what constitutes MFT is fundamentally flawed. Of the ten products on the Data Quadrant, four aren’t actually MFT, so it’s not comparing like-for-like.

MFT solutions allow data to be transferred in a controlled, secure fashion, both inside and outside an organisation, between systems and / or users. This includes:

  • System-to-system transfers, such as automated batch transfers or workflows with a series of actions;
  • Transfers between people and systems, such as data capture forms with ongoing automated workflows;
  • Person-to-person or ‘ad hoc’ transfers.

The following four products are not MFT:

Accellion: This is a secure file sharing and collaboration solution only.

Adobe Send & Track: For ad hoc large files.

Citrix ShareFile: Electronic sync and share, for document collaboration.

LeapFile: For ad hoc person-to-person only.

2. Products missing from the Info-Tech MFT Data Quadrant

Only vendors who have paid for the report are able to market what it says about them. This is not independent and it is not a review of the complete market place.

While we firmly agree with the placement of HelpSystems GoAnywhere MFT and Ipswitch MOVEit, who were acquired by Progress earlier this year, there are several other market leaders not included on the Data Quadrant:

Globalscape EFT Server would score highly on both the ‘Feature’ and ‘Vendor’ matrix.

Coviant Diplomat MFT is benefiting from a lot of development at the moment, making it a likely player in the ‘Product Innovator’ quadrant.

We would also recommend Cornerstone MFT from South River Technologies (SRT) as a very good budget solution.

Other credible vendors missing from the quadrant include Axway, Seeburger, Jscape, Cleo and more…

3. Niche or incompatible products

There are several products on the Data Quadrant that just aren’t viable products for the majority of businesses. That’s either because they lack the development, are not enterprise-ready, or are niche to specific industries:

Oracle MFT: Our most recent market research identified there were only around one hundred Oracle MFT customers worldwide. Most of these sales came about to prevent customers discontinuing with their middleware product. There has been little development recently and their roadmap is limited.

SolarWinds Serv-U: This is a budget solution and not something we would recommend for enterprises. Since its acquisition by SolarWinds, the technology hasn’t kept pace with technical innovation and is now a long way behind other vendors. By using a Java web browser plugin, the adoption and usability of their product – especially in risk adverse enterprise environments – will be compromised. This feature is well behind the curve.

FileCatalyst: This is primarily for use within the media industries, with an emphasis on fast file transfer. It doesn’t have the necessary breadth of file transfer protocols or automation options to make it a mainstream MFT player.

IBM Managed File Transfer: This is ensconced in the banking/finance industry, built around their own delivery protocol (NDM). It’s an expensive solution, without the breadth of delivery protocols to make it a mainstream MFT player.


If you are looking for an MFT solution, we strongly advise against using the Info-Tech MFT Data Quadrant for guidance.

Most MFT solutions have the same features but differ in the level of detail and complexity, and how they are delivered. The only way you will be able to identify the right one for your business is to fully scope your requirements. Make sure you look at the vendor closely too and see what their previous development release schedule is like from published release notes. These are the factors that will determine whether your implementation is a success and will ensure you back a vendor that should meet your future needs too.

If you need help, use our free comparison tool, which asks the right questions. You enter your requirements, giving as much detail as you can, and our experts will recommend the right solution for your current and future needs and budget. It’s completely free and there’s no obligation to buy through us.

Interested in a file transfer solution?

Open Source Managed File Transfer Software: Current & Past Options

Open Source Managed File Transfer Software

Current & Past Options [Updated January 2019]


If you are looking for an open source Managed File Transfer (MFT) solution, this blog is for you. It’s written by Pro2col Managing Director James Lewis, who is a self-confessed file transfer geek with over two decades’ experience working with file transfer technologies and vendors. He’s been following open source projects for many years and regularly updates this blog as new options become available.


I originally wrote this post back in July 2012, after a number of requests for open source MFT from potential customers. They’d found us via our website, which clearly promoted a wide variety of commercial products, with no reference to open source, however they were only interested in open source options.

Free clearly doesn’t pay the bills, but being a bit of an industry geek, I decided to do the research and find out what was available. I identified a couple of SourceForge projects, which I’ve been following over the years.

For the record, I’m a fan of open source. Our previous Technical Director was a thrifty Northerner, who converted me. We ran various elements of the business very successfully on open source projects. Our support ticketing system was based on OTRS and our monitoring system used Nagios. Both were mature applications, widely used in the open source community and provided considerable functionality at a price that suited!



When it comes to open source MFT though, the landscape is patchy at best. Open source FTP servers exist in abundance and can provide the landing point for incoming and outgoing files, but open source MFT projects appear to be scarce. I suspect that this is because MFT hasn’t been one of those technologies that every company deploys.

Recent changes in EU regulation in the form of GDPR, also impacts this space. GDPR legislation requires increased levels of security, audit trails and reporting on any transfers involving personal data. (See our blog posts Encryption at rest for GDPR and Where is your data going and why?)

Open source MFT trends

My research over the past 6-7 years has highlighted a few trends that don’t bode well for open source MFT projects, and may be a reflection of the wider open source landscape. In general, they have slotted into the following categories:

  • The company is acquired and the free option is removed. Some or all of the functionality is incorporated into a commercial offering.
  • The part-time developer gets a contract or new job and the project gets shelved.
  • The project is labeled as MFT, but doesn’t contain the key functions of all commercial offerings in the market.
  • Commercial vendors offer a pseudo open source product with limited functionality and encourage migration to their commercial solution.

Genuine open source projects

There are just two genuine projects that I’ve found so far. I couldn’t recommend either, as I’ve not invested any time personally or asked our technical consultants to review them, however they have ongoing development and support packages.

Yade – an open source project, previously going under the name of SOSFTP. This project has been around since at least 2012. SOS Berlin lists a number of customers on their website and provides support and consulting packages. Currently my favourite option, based upon the length of time they’ve been around.

WAARP – a relative newcomer to the market but it looks to have all the basics covered. It also provides commercial support options and their website provides visibility of who is involved in the project. This is certainly one to watch.

If you’re a user of either Yade or WAARP, I’d be interested in hearing from you. I’m keen to understand how complete the project is, how responsive the development team are and what your experience of their support offering has been like.

Free products from commercial vendors

As I’ve already mentioned, these tend to be products with limited functionality, which will ultimately encourage migration to a commercial solution.

Coviant Diplomat OpenPGP Community Edition – This is a free OpenPGP tool to automate PGP encryption and decryption.

Coviant Diplomat Cloud Storage Community Edition – A free tool to PGP-encrypt files being transferred to cloud storage sites.

HelpSystems Free FTP Server – this is a free edition of GoAnywhere MFT, with administrator dashboard, extensive security, audit reports and more.

FTP Voyager – A free GUI FTP client, FTPS client and SFTP client software for Windows. The main interface is similar to dozens of other FTP clients, but it also includes powerful scheduling utilities and synchronisation utilities for free.

Some open source MFT that is no more

These are some of the open source projects that I have been following, which are no longer available:

Policy Patrol by OPSWAT – has now become Metadefender Email Security. The Managed File Transfer element of the open source project appears to have been shut down.

ShieldShare by BlockMaster – now appears to be part of the DataLocker stable but their focus is on encrypted storage. It’s unclear whether the product was acquired for the encryption capabilities. Project shut down.

Appterra – their open source supply chain integration platform with Managed File Transfer capabilities was acquired by Descartes. The open source project has been shut down.

DivConq MFT – a SourceForge project that looked promising but the developers seem to have ended the project and the associated website has closed down.

Karonte – positioned as an open source Managed File Transfer solution but it doesn’t have the basic functionality we consider critical for MFT.

In conclusion

Whilst the open source marketplace can be a fantastic resource for some business applications, MFT isn’t currently one of them. If your business is in the tech space or you’ve got an extensive development and technical team, then open source MFT may be a viable option for you.

However, MFT is mission critical for almost all of our customers. Many come to us looking to mitigate the security and compliance risks associated with supporting a bespoke or homegrown solution. Unmanaged in-house scripts in particular are one of the biggest risks to an organisation’s GDPR compliance. Additionally, as developers and contractors move on, companies get stuck with a solution without documentation, no training and no one to make changes or fix faults.

If you’d like to discuss your MFT requirements and the impact of GDPR, I’d be pleased to talk them through with you. You may be surprised at how much bang you get for your buck these days in commercially available products. You can contact us via the web form, or call 0333 123 1240.

Need further expertise? Download our FREE resources

Choosing the right Managed File Transfer protocol

This blog post answers your questions about Managed File Transfer protocols. Which are the most widely used file transfer delivery protocols? Which should you be using and how do you identify which solution uses which protocols?

A protocol is the set of rules that determines how files are transferred from one computer to another, through a network. That might be an internal network (from one computer to another within the same network) or more commonly a Wide Area Network such as the internet.

The nature of your data and its destination will determine the right protocol for the transfer. For example, personally identifiable data and credit card information will need a secure protocol.


(File transfer protocol)

How can it be used?

Upload/download files
Rename and delete files
Create/delete folders
Execute custom commands on server
Check integrity of files

When can it not be used?

X Secure data at rest
X Secure data in transit (FTPS can)
X Work over just one firewall port
X Provide strong authentication

(“FTP Secured” using SSL)

 Secure data in transit
Upload/download files
Rename and delete files
Create/delete folders
Execute custom commands on server
Check integrity of files
 Provide strong authentication

X Secure data at rest
X Work over just one firewall port

(“Secure FTP” using SSH)

Secure data in transit
Upload/download files
Rename and delete files
Create/delete folders
 Provide strong authentication
Work over just one firewall port (22)

X Secure data at rest
X Check integrity of files
X Execute custom commands on server

(“Secure CoPy”)

Secure data in transit
Upload/download files
Work over just one firewall port (22)
 Provide strong authentication

X Rename and delete files
X Create/delete folders
X Check integrity of files
X Execute custom commands on server


(HyperText Transfer Protocol)

Download files
Work over one firewall port (80)

Upload files
Rename and delete files
Create/delete folders
Execute custom commands on server
Check integrity of files

Secure data at rest
X Secure data in transit (HTTPS can)
X Provide strong authentication

(HTTP Secured with SSL)

✓ Download files
✓ Work over one firewall port (443)
✓ Secure data in transit

– Upload files
– Rename and delete files
– Create/delete folders
– Execute custom commands on server
– Check integrity of files
Provide strong authentication

Secure data at rest


Download/upload files
✓ Rename and delete files
✓ Create/delete folders
✓ Work over one firewall port (443)
✓ Secure data in transit

 Provide strong authentication

Secure data at rest
X Execute custom commands on server
X Check integrity of files


To send mail

Push files as attachments
✓ Be secured with SSL/TLS
✓ Often uses ports 25, 465 or 587

Pull files from other servers

To get mail

Pull files from servers as attachments
Delete original email from servers
Be secured with SSL/TLS
Often uses port 995

X Push files as attachments
X Synchronize email folder contents
X Not supported in all email environments
POP3 is becoming obsolete

To get mail and sync mail folders

Pull files from servers as attachments
✓ Delete original email from servers
✓ Synchronize email folder contents
✓ Be secured with SSL/TLS
Often uses port 993

Push files as attachments
X Be trusted if its key mailbox is also accessed interactively

Which Managed File Transfer protocol?

Guidance on what constitutes a secure protocol will change, adapting to stay one step ahead of cybercrime. That’s why it’s important to choose a vendor that releases regular product updates. With Pro2col’s free Managed File Transfer comparison service, you submit your requirements via a questionnaire. Our experts compare them against the different solutions and recommend the right product for you. Our experts consistently review the marketplace and only select credible solutions from credible vendors, who provide excellent support and regular software updates.

Interested in a file transfer solution?

Managed File Transfer software comparison

Managed File Transfer software comparison 

[Updated – September 2018]

Are you doing a Managed File Transfer software comparison? With over forty products on the market, where do you start?

Globalscape EFT, HelpSystems GoAnywhere, Cornerstone from SRT, Ipswitch MOVEit and Cleo Harmony are all excellent Managed File Transfer products that we recommend to customers. But even from this shortlist, which is the right one for your organisation?

Every business has a unique set of requirements and each solution delivers its feature-set differently. There are so many factors that will determine if your implementation is a success. Sourcing the wrong product will cost you more in the long run.

Pro2col’s free comparison service identifies the right solution for your needs and budget. You complete a series of questions about your current and future business requirements, and receive a bespoke report from our technical consultants, recommending the best solution for you.



You will save weeks of research time by completing this questionnaire, making use of our technical consultants’ knowledge and expertise.


Pro2col experts have been delivering secure file transfer solutions since 2004 across 30 countries. Each technical consultant has a minimum of seven years’ experience working with this niche technology. We are also providers and developers of the only file transfer certification, CFTP.


Software vendors will want to sell you their product, but our technical experts independently analyse the best solution for your unique requirements. They consistently review the marketplace and only select credible solutions from credible vendors, who provide excellent support and regular software updates.


Your internal processes and current / future business requirements will determine which solution is the best fit. That is because different software differs in how it delivers the same set of features – the level of detail makes all the difference. Our free Managed File Transfer comparison service asks you the right questions to recommend an exact fit for your organisation, making sure your implementation is a success.

The questionnaire prompts you to consider the following criteria: Key infrastructure questions you need to think about when comparing MFT software; how your solution will be impacted by other policies within the business; requirements for automated transfers
Transfer protocols, which will depend on the security requirements for the data (eg: personally identifiable data, credit card information);
which cloud services you need to connect to; which standards you need to comply with (eg: GDPR, PCI DSS).