I just finished reading a great article in Network Computing titled “Managed File Transfer Asserts Data Governance In Transit”. Author Neil Roiter hit the nail right on the head by calling out the importance of visibility and governance over person-to-person file transfers. And if you don't believe us, just ask any eDiscovery judge!
Sure, organizations absolutely positively must carefully consider how to transfer staggering volumes of data between systems and servers, both inside and outside the organization – all with management, policy enforcement and visibility capabilities.
That being said, individual employees are sending files to other people too… And unless IT provides them with an easy-to-use process to accomplish this, they will find their own ways, such as personal email accounts, USB drives, online file sharing services, etc.
Increased focus on data security, governance, regulatory compliance and eDiscovery has really put pressure on IT to not only have complete visibility into the processes involved in data transfer, but ALSO THE PEOPLE. Frank Kenney, sums it up well in the article:
"MFT can bring (person-to-person) file transfer under the corporate governance umbrella. We can give people ad hoc technology and enforce the use of those technologies. We make capabilities dead easy to easy and enterprises have the right policies in place about how to use them. MFT products provide visibility and validation through dashboards, reporting, real-time updates on data transfer and audit trails.
Some day, an eDiscovery judge may ask you to provide an audit trail with proof of chain-of-custody for a particular file that has bounced around your company and between people. Here are just a few questions you'll need to be able to answer: Who sent what? When? Where? To whom? Was it encrypted? And did it get there?
What will your answer be?