Secure Data Transfer with FTP Alternative MFT

Security concerns related to FTP were one factor behind a series of developments that led to Secure FTP, Secure Copy Protocol (SCP), FTP over SSL (FTPS), and SSH File Transfer Protocol (SFTP). Managed File Transfer (MFT) was added in 2008; with MFT, all files to be transferred are encrypted not only en route but also during storage on the server or on share points. Core functionalities of MFT include secure transmission and data storage coupled with reporting and auditing of data activities. MFT differs from all other types of infrastructure in that it allows the transfer of very large files. Businesses use MFT over public networks to exchange large amounts of data with business partners across different sites, regions, and time zones safely, reliably, and quickly.

All MFT solutions are similar: they consist of a server on which files of any size can be provided and a system that manages access and usage rights. The main difference between MFT and insecure technologies is that files are encrypted for storage on the server and are not accessible to unauthorized persons. With MFT, the data is encrypted on the sender’s side, and only the authorized recipient can download and decrypt the files. Data is safe not only during transport, but also in temporary storage. When choosing the encryption strength of the MFT system, you should opt for the secure 256-bit AES standard. Some solutions have an additional security option involving data segmentation, wherein the files are divided into small segments before transmission, transmitted in random order, and reassembled by the recipient.

This method is known as “managed” file transfer because, generally, either the sender communicates the available file downloads by email, or the managing system runs checks against a personal overview. This function is used in many solutions as proof of the successful delivery of data to the receiver. Logging ensures additional security because logfile analysis can detect transmission errors or unclaimed downloads and inform the consignor accordingly. Typically, you can also limit the validity of files. In this case, a file can be downloaded up to a certain date or only a certain number of times. These management functions, compared with FTP and the like, represent added value and allow reliable proof of delivery.
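The validity limits and delivery logging described above can be sketched as follows. This is an added example, not code from any MFT product; the class `TransferLedger`, its method names, the HMAC-signed link token, and the sample values are all assumptions made for illustration.

```python
import hashlib
import hmac


class TransferLedger:
    """Hypothetical server-side record of offered files and download attempts."""

    def __init__(self, secret: bytes):
        self.secret = secret   # assumed server-only signing key
        self.offers = {}       # file_id -> recipient, expiry, downloads left
        self.audit = []        # (timestamp, file_id, event) for reporting

    def _sign(self, file_id, recipient, expires):
        # Bind the link token to file, recipient and expiry.
        msg = f"{file_id}|{recipient}|{expires}".encode()
        return hmac.new(self.secret, msg, hashlib.sha256).hexdigest()

    def offer(self, file_id, recipient, expires, max_downloads, now):
        self.offers[file_id] = {"recipient": recipient, "expires": expires,
                                "left": max_downloads}
        self.audit.append((now, file_id, "offered"))
        return self._sign(file_id, recipient, expires)

    def download(self, file_id, recipient, token, now):
        offer = self.offers.get(file_id)
        if offer is None:
            result = "denied:unknown"
        elif not hmac.compare_digest(
                token.encode(),
                self._sign(file_id, recipient, offer["expires"]).encode()):
            result = "denied:bad-token"   # wrong recipient or forged link
        elif now > offer["expires"]:
            result = "denied:expired"     # past the validity date
        elif offer["left"] <= 0:
            result = "denied:limit"       # download count used up
        else:
            offer["left"] -= 1
            result = "delivered"
        # Every attempt is logged, so the log doubles as proof of delivery.
        self.audit.append((now, file_id, result))
        return result

    def unclaimed(self, now):
        # Expired offers with no successful download: report to the sender.
        delivered = {f for _, f, event in self.audit if event == "delivered"}
        return sorted(f for f, o in self.offers.items()
                      if now > o["expires"] and f not in delivered)
```

Timestamps are passed in as plain numbers so the behaviour can be checked deterministically; a real deployment would take them from the server clock.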

Documents sent by MFT via email are not subject to the usual size restrictions. When sensitive information or a large attached file is sent by the user, the email body and the attachment are decoupled. Only a link in the email refers to the attachment; physically, it usually remains encrypted in local storage on an MFT drive or server. The email recipient can then download the encrypted file from the sender’s MFT server by clicking the link. Integrated upstream authentication is also possible for highly confidential files, wherein the recipient logs on to an MFT portal and then downloads the file after their access credentials have been verified. Normally, the sender receives a message about the attachment being downloaded successfully.

A solution built into Exchange is capable of rules-based classification, wherein predefined policies determine, before transmission, whether a certain file is classified as confidential. Rules can be based, for example, on the sender address, recipient address, file type of the attachment, attachment size, or original location of the attachment. In this way, internal mail can be treated differently from external mail, for example. Some MFT solutions provide widgets for the reception of files from third-party companies, supporting file exchange through internal MFT servers.
