A recent survey of over 500 IT pros globally conducted by Ipswitch and Vanson-Bourne in the U.S., U.K., Germany and France revealed concerns over their organization’s ability to protect data (including file transfer) and meet security compliance requirements. The results suggest that IT teams need file transfer automation to stop inadvertent data loss by end-users, while enabling the organization to participate in continuous improvement for improved data protection.
File Transfer and Data Loss
Only one third of all respondents reported that their ability to identify and mitigate risks in their file transfer processes are very efficient. As any IT security specialist knows the key to good security is continuous improvement, since employee behavior and existing processes require constant monitoring…not to mention growing external threats.
Human error was identified as the root cause by almost a third of those who admitted that their organization experienced data loss. Processing errors were identified as root cause by another third of respondents, while malicious behavior or security breach made up the remainder. Further, a research report by PwC entitled "2015 Information Security Breaches Report" states that 50% of the worst data breaches were caused by human error.
Less than a quarter of respondents overall said they address data transfer process enhancements with technology, policies, and processes that enable continuous improvement. Specifically, less than 15% said they use automation tools to address data transfer enhancements and under 10% said they authorize and enable business users to participate in updates.
The cost of data loss and non-compliance with data privacy policies is high. IT teams need the technology to enable end-users from inadvertent data loss, while empowering them for agile enhancements to meet business and security improvements.
How Technology Can Address Your Concerns
Consider the following when evaluating technology to address these data and file transfer security concerns:
- Automate file transfers – Many companies, especially in regulated industries, are choosing to replace manual file transfers with scheduled transfers and automated workflows to eliminate data loss due to human error. They may provide authorized users access to schedule or monitor transfer activity. An additional benefit can be improved efficiencies and compliance with service level agreements (SLA).
- Enable and control visibility to transfer activity – Provide business users, customers, vendors and other authorized users with access to all the status information they need to do their jobs better…and make sure to restrict access from anything else. Providing status to business users enables them to better manage their business communications to meet SLAs and limiting access to only authorized data ensures security.
- Real time alerts and monitoring – Quickly identify risks by monitoring key performance and security indicators in real time. Dashboards and notifications via text or email enable quick identification of potential risks.
- Automate governance – Automating rules and processes to align with security policies gives users the technology to help protect data and assures auditors your organization can comply with data privacy policies. It can also enable faster mitigation to newly identified risks.
- Ensure data transfer technology is integrated with other IT controls – Integrating data transfer technology with antivirus and data loss prevention (DLP) solutions provides additional confidence from data loss and may be required to meet regulatory compliance. Integration with SAML 2 directory services offers single sign-on capability to ease negative impact on users of high security authentication policies.
- Detailed access control – Enabling employees, customers, and vendors secure access to transfer services requires fine grained access control, so they only access activities and status that’s appropriate for each user or user group.