<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1678611822423757&amp;ev=PageView&amp;noscript=1">
Defrag This

| Read. Reflect. Reboot.

How to Choose the Right Managed File Transfer Architecture

Michael O'Dwyer| August 27 2018

| security

how-to-choose-the-right-managed-file-transfer-architecture

For the purposes of this post, we are concerned with two relevant options, namely File Transfer Protocol (FTP) and Managed File Transfer (MFT). The second, being managed, obviously offers more features than a standard file transfer solution. But, which offering is best for your company?

Companies, regardless of size (from sole proprietorship to large enterprise) or industry, must ensure data security. This is often complicated by the fact that some of their core business processes require data movement outside of the organization.  Regulatory and compliance requirements may also complicate matters, especially during audits. Therefore, it is necessary to choose the right managed file transfer architecture for your business needs.

Whether it’s on-premises or offsite, both options share features and both can be used in all solutions offered by web hosting providers whether dedicated servers, shared hosting or virtual private servers (VPS). Monitoring file transfer as part of a backup to network-attached storage (NAS) or as part of a disaster recovery program is also an important consideration.

If we assume that everyone uses FTP to some extent, then all we need to consider is if the additional features available in a managed file transfer solution are necessary or not. Let’s consider those who must use a managed solution, whether for transparency or external requirements.

Say goodbye to end users using Dropbox and Google Drive. MOVEit makes file  transfers easy for users. Try MOVEit today.

Who Benefits From A Managed File Transfer Solution?

FTP may be adequate for those transferring routine documents on an intermittent basis but In many cases (such as CAD drawings, schematics and other proprietary information), you may want to be careful to implement strong security and control processes. FTP servers are notorious targets for cybercriminals and most implementations outside of regulated industries are security lax.  A good rule to go by is that, if you have data worth hacking, an MFT solution is best.

In addition to protecting against intellectual property theft, companies that process financial data, healthcare information or any other personally identifiable information (PII) should consider an MFT solution. In fact, FTP deployments usually lack the control and security features required by auditors.  Most often implemented in departmental silos, FTP (including SFTP) deployments often lack centralize logging and reporting, integration with corporate identify and authentication systems and PGP encryption of files at rest.  In most cases, the controls necessary to meet regulatory and compliance requirements in both the financial and healthcare industries are only possible in an MFT environment.

Related: What Is An FTP Sprawl?

Increase Your Security and Compliance With Managed File Transfer

In the modern IT landscape, security is a pressing concern for all companies and general security awareness is perhaps at all-time high, with most being aware that no company is too small to be hacked. It is for this reason that secure file transfer is essential. With an effective managed file transfer solution, enhanced security is achievable. Additional features include but are not limited to:

  • Enhanced access control–Controlling access to proprietary data and related transfer permissions is achievable with FTP solutions but very few offer role-based privileges , multi-factor authentication and centralized logging.
  • Added visibility–MFT exceed server logs and allows full visibility to access and activity tracking and changes to workflows.
  • Data at rest security–MFT offere protection against malware and other potential threats with PGP encryption of files at rest.
  • Easily integrated with other security products–everything from antivirus to data loss prevention (DLP) products.

It is also worth noting that managed file transfer solutions can protect data even when online storage solutions such as Google Drive are used. This is an important consideration. Ideally of course, sensitive documents should not be shared on public cloud storage and could be disastrous in the event of an e-discovery litigation.

High Performance Matters

In addition to security, ease of use and secure web and email access, high performance is essential. Improved performance leads to increased productivity and MFT also helps in this area. Automation obviously frees up an administrator’s time and an automation tool goes far beyond the workflow scripts of FTP, reducing creation and scheduling times and related request backlogs.

Interruption of the file transfer process can be disruptive, especially if it goes unnoticed. MFT offers guaranteed delivery where sender and recipient are granted access to a file after integrity checking. FTP offers server failover but MFT solutions can also help a company implement a disaster recovery solution that ensures remote backup of all data and related databases for rapid restoration in the event of server failure or corruption. This an important consideration that aids business continuity and prevents reputational damage if the worst happens.

Get advanced workflow automation capabilities without scripting. Try a free  trial of MOVEit Automation today.

DIY and Expansion

“But I already use FTP or have recently implemented an MFT solution,” you cry. No need to panic, upgrading to MFT is easy and if on MFT, hopefully, your solution incorporates all the following characteristics (If it doesn’t, my condolences. Perhaps you should consider another option.) Your proposed MFT solution (if you need one, based on previous observations) should include but is not limited to:

  • Ease of use–Obvious but not to be ignored. If an MFT solution is too complex, then it wastes time in training and configuration. When your admin can manage all aspects of the solution in-house it reduces the expense and time of managing third-party consultants.
  • Security–Again, obvious but the primary consideration is confirming that the proposed solution offers the integration and security features that you need.
  • No Vendor Lock-in–If the solution locks you into specific hardware and doesn’t allow you to mix and match from multiple approved manufacturers then… that’s bad. You need a tool that caters to your unique IT landscape, not the other way around.
  • Audit Features-The MFT solution must allow you to configure for all the internal process, regulatory and compliance audit requirements you need. Reporting is a key feature in this area.
  • Mobility-Are transfers from mobile devices catered for?
  • Cost–A key deciding factor for many. As mentioned above, in-house management of the MFT solution is essential. In addition, companies must consider the cost of expansion as users and connected devices increase. Is there a data cap or other limitation that could increase costs? How about addons and related costs? Also consider the amount of time it takes to manage and maintain basic FTP servers. MFT can eliminate these time and labor costs.
  • Development–Companies that need to customize the MFT solution inhouse may require a development license. Is the cost prohibitive?

In conclusion, like any other device or application in the IT world, MFT solutions are not created equal. How does your existing file transfer process compare with the features offered by an MFT solution? Why not review a sample checklist to identify the best solution for your company? Additional performance/speed considerations are down to your infrastructure. The speed of your broadband connection, use of solid-state drives (SSDs), server type and use of virtualization will all influence speed of transfer, whether FTP or MFT is employed.

Topics: security

Leave a Reply

Your email address will not be published. Required fields are marked *

THIS POST WAS WRITTEN BY Michael O'Dwyer

An Irishman based in Hong Kong, Michael O’Dwyer is a business & technology journalist, independent consultant and writer who specializes in writing for enterprise, small business and IT audiences. With 20+ years of experience in everything from IT and electronic component-level failure analysis to process improvement and supply chains (and an in-depth knowledge of Klingon,) Michael is a sought-after writer whose quality sources, deep research and quirky sense of humor ensures he’s welcome in high-profile publications such as The Street and Fortune 100 IT portals.

Free Trials

Getting started has never been easier. Download a trial today.

Download Free Trials

Contact Us

Let us know how we can help you. Focus on what matters. 

Send us a note

Subscribe to our Blog

Let’s stay in touch! Register to receive our blog updates.