Why Managed File Transfer is gaining currency
In today’s fast-paced business world, Managed File Transfer (MFT) is a secure solution that allows organizations to share files within their company, or with external users. These files are usually confidential in nature, and of a type that cannot easily be trusted by conventional mechanisms such as email, or they can be large files such as videos, drawings, or PST files.
What is Managed File Transfer?
Managed File Transfer is a secure solution that allows organizations to share files within their company, or with external users. These files are usually confidential in nature, and of a type that cannot easily be trusted to conventional mechanisms such as email, or they can be large files such as videos, or drawings or PST files.
Why is it different from regular file transfer?
Every organization needs to share data with entities outside their secure office networks and there are admittedly several ways to share and transfer files. But, the issue for enterprises usually is that the files or data that needs to be shared may be critical and confidential in nature, and legacy file sharing methods cannot adequately guarantee protection and security. The main concerns tend to be:
1. Is the data protected both in transit and at rest?
2. How can the organization limit misuse?
3. How secure is the file transfer solution?
4. Does it preserve privacy?
Managed File Transfer solutions are designed to address many of these concerns. They not only enforce secure file transfer, but they also place a broad spectrum of controls at the disposal of the enterprise IT administrator allowing the file transfer process to be “managed” in a manner that suits the business. Simply put, it is a secure and reliable file transfer process, but with a lot of controls that a business can exercise over it.
Reasons why enterprises need Managed File Transfer
1. Concerns of Data Loss / Leakage
The biggest fear around letting business employees use conventional file transfer mechanisms is that valuable business data could be lost or stolen. Managed File Transfer solutions mitigate this threat by allowing a wide range of controls that enterprise IT Administrators can control via policies. File types that are allowed (or disallowed) for sharing, email domains that are allowed (or disallowed) for sharing, automatically self-destructing URL links, multi-factor authentication, auto-expiring User IDs, automated aging of data, etc. are some of the policy-based controls that enterprise IT teams have come to expect from a Managed File Transfer solution.
2. Secure communication channels
While policies can be used to limit sender and receiver freedoms, there is also the matter of how safe the data is on the wire. An important aspect of all Managed File Transfer solutions is a secure communication channel. Trusted transport protocols like SSL/TLS over https are preferred today over protocols like SSH or SFTP. Modern solutions also are expected to operate under a Zero Trust security stance. Security controls such as Multi-Factor Authentication, Brute Force Password Protection and Anti-Malware scanning have become standard fare.
3. Regulatory Compliance
A number of businesses need Managed File Transfer solutions for regulatory compliance such as in the case of Sarbanes Oxley (SOX), HIPAA, or GDPR. A number of such regulations need ‘proof’ of compliance in the form of logs and other evidence to prove that the business has been following best practices and doing its best to stay compliant. Many Managed File Transfer solutions include detailed audit logs of user and administrator actions which become necessary for compliance.
4. Privacy – encryption key control
Some Managed File Transfer solutions will also allow customers control over the encryption keys used to protect data when stored at rest. Encryption or anonymization of data is an important step to take for compliance. But encrypting data and retaining control over the keys (as opposed to trusting the Managed File Transfer SaaS solution) demonstrates ‘separation of duties’ which is a higher bar to attain. Being able to prove to a regulator that data was not only encrypted but further encrypted with a separation of duties will put businesses in a less vulnerable position from a regulatory standpoint – in the event of a breach.
How Parablu’s BluSync™ for Managed File Transfer can help
1. Better Security
Parablu’s BluSync is designed to work on the principle of Zero Trust. It integrates with Identity Management solutions like Active Directory, Azure Active Directory, and Okta. Organizations can easily enable multi-factor authentication, Brute force password protection, and anti-malware scanning as required.
BluSync also ensures that only you (as an organization) control the keys while keeping data in the cloud, and helps to strictly enforce a Segregation of Duties or a Separation of Duties, as explained above. When done correctly, Segregation of Duties is a security measure that ensures no two parties can perform the same part of a critical process or function. By dividing responsibilities and limiting access to information & data on a strictly need-to-know basis, organizations can significantly reduce risk as only they are responsible for controlling access to their data – which they can do by protecting and changing their encryption keys when they wish.
2. Data Secured at Rest
BluSync provides an organization the ability to transfer files of any size or type, in a safe and controlled manner. It works by protecting the file meant for transfer in a secure cloud container without compromising the integrity or confidentiality of the content. A file or folder can be accessed, edited, and sent back via the same secure ecosystem, protected every step of the way.
3. Data Secured in Flight
All BluSync traffic is exclusively transmitted on https using TLS 1.2 with strong ciphers. All data is safe when in flight and the only port that is used for communication is port 443. No other ports (like port 22 etc.) need to be opened.
4. Regulatory Compliance
More than ever, it has become a legal requirement to protect data. Penalties for non-compliance with regulations are steeper than ever. And, apart from the regulatory fines and opportunity costs, there is also the public-relations damage that the company would have to endure and potentially never recover from. Ensuring fully-encrypted file transfer solutions is one of the critical requirements for GDPR compliance and BluSync for Managed File Transfer is designed to help organizations meet their regulatory compliance, including GDPR.
BluSync also equips administrators with a full audit log of all actions. Who logged in/out, who shared what file, when, and from which system and who received/downloaded these files – are all recorded. All reports are always available to administrators and can be downloaded in pdf/xls form or even scheduled to be auto emailed. Reports can be configured to be generated for a given time interval, by username, or by user groups.
GDPR fines enterprises as high as 4% of annual revenue or €20 million – whichever is higher. In fact, Google and Facebook were hit with lawsuits to the tune of $8.8B the very day GDPR came into effect. Source
5. Information Rights Management
BluSync allows organizations to control everything their users can do via simple policies. It allows Administrators to specify file types that can be shared, set file size limits, quota limits, enforce highly secure sharing and identify safe vs unsafe email domains along with read/view-only access or download restrictions.
Other Important Considerations:
1. Version control
BluSync ensures all data is automatically version controlled, which means that an organization can be sure that their employees are always working on the latest version of the file with the option to rewind back to previous versions if needed. Also, employees can track document changes across multiple data sources and devices.
2. No Cloud restrictions
BluSync is designed to overcome limitations inherent in most cloud storage – like file size limits, path lengths, and special character restrictions. Organizations can utilize their cloud storage allocations effectively without subjecting their users to any of the aforementioned limitations.
4. Use of OneDrive and Google Drive
BluSync also has the unique ability to leverage existing OneDrive and Google Drive storage an enterprise may already have subscribed to. Unlike other SaaS-based Managed File Transfer vendors, BluSync doesn’t lock customers into a ‘Parablu cloud’ or force use of AWS cloud storage on them. In fact, by leveraging OneDrive or Google Drive, BluSync drives down the Total Cost of Ownership around the solution by making storage costs effectively Zero.
5. Business-friendly licensing
A lot of Managed File Transfer happens with external stakeholders – who tend to be temporary in nature. Data may be shared just once in many cases, or even if there is repeated sharing with an external stakeholder, such engagements tend to be project-driven and temporary. Having recognized this, BluSync supports the concept of a temporary or a ‘floating’ user license. These are auto-expiring licenses that can be reused for an alternate user after a period of inactivity (such as 30 days or 45 days). Such licenses can be purchased at a discounted cost in addition to fixed licenses a business invests in for their employees.