Share and Enjoy

Integrating applications improves speed, efficiency, and business process innovation. And thanks to today’s interconnected, globalized workplace, the need for robust application integration holds more urgency than ever before.

That being the case, it should come as no surprise that managed file transfer (MFT) technologies aren’t exempt from the application integration trend. In fact, an MFT solution’s ability to integrate with other business-critical applications is uniquely important since so many processes depend on file transfer, both within and outside the enterprise.

Let’s look at how an effective MFT solution handles application integration. We’ll also discuss how it should leverage LDAP and Active Directory support.
MFT and application integration
One of the biggest drawbacks of homegrown file transfer solutions has always been their lack of integration with other front and backend IT systems. Consider an organization on the cusp of instituting corporate BYOD guidelines. How will it account for users transferring files via Apple’s iOS when its file transfer solution only integrates with the Outlook desktop client?

Hint: users will still transfer files, albeit via unmanaged, insecure methods.

Unfortunately, the problems many organizations experience as they attempt to reign in control of file transfer activities are rarely this straightforward. Integration needs are often numerous and complex, requiring an MFT solution with extensive flexibility.

That’s why organizations should focus on MFT technologies with open standards, SOAP and JMS interfaces, Java classes, and open APIs. As we concluded in a white paper on market demands for MFT solutions, these components facilitate application integration across the corporate spectrum and deliver the scalability necessary to evolve with changing business needs.

What about LDAP and Active Directory?
Support for LDAP and Active Directory is key to the success of many MFT integrations. But before we delve into why, let’s remind ourselves what these concepts are about (you can always refer our MFT glossary for definitions).

LDAP, or Lightweight Directory Access Protocol, helps applications access a server hosting a directory. Directories usually contain data about individual users such as – and this is what matters for MFT – their specific network privileges. Active Directory, on the other hand, is a type of directory that uses LDAP to “talk” to applications requiring information about user privileges. It’s the directory service Microsoft created for Windows environments.

Why is support for LDAP and Active Directory so vital for MFT integration? Here are a few reasons:

Ubiquity – A Microsoft service, Active Directory is extremely prevalent across enterprise, so supporting it is absolutely necessary.
Application access – Many applications an organization seeks to integrate with MFT will depend on LDAP and/or Active Directory to obtain user data; the MFT solution, in turn, will need to use directory data to integrate with the existing applications.
MFT access – As authorization and authentication are critical for ensuring the security of data in transit, MFT solutions need to pull data from existing directory services via LDAP.

An MFT solution doesn’t integrate with LDAP/Active Directory, per se. Rather, it uses the data they provide in order to integrate with other applications. Since flexible application integration depends on support for common directory standards and implementations, no viable MFT solution should lack support for them.

So, how does your file transfer solution handle application integration and support for common directory protocols and services? Is it a homegrown solution that’s struggling to keep up with technology? Or are your users still sharing in DropBox?

Regardless, you should always expect an MFT solution to integrate seamlessly with existing applications. Modern business realities depend on it.

This is the eighth post in a 10-part series on managing file transfers. Read rest of the series here. Be sure to subscribe to our blog to receive the next posts.

Share and Enjoy

Share and Enjoy

Expansive feature lists can make any managed file transfer (MFT) solution sound attractive. But what counts are the features you’ll use, and identifying them prior to actually implementing MFT can generate a storm of confusion.

While every organization should determine which features matter most to them, there are some components no MFT solution should be without. Some of those are antivirus protection, file integrity checks, and the ability to restart interrupted file transfers.

Antivirus protection
Can your current file transfer solution sniff out viruses and malware? If so, do its security features meet the high standards needed for corporate data security?

In a recent, highly publicized corporate security breach, unauthorized parties gained access to tens of millions of credit cards and data files from Target Corporation customers. And while details of the breach are still coming out, it appears that inadequate virus and malware monitoring allowed hackers to access customer data via a shared Windows drive and FTP – a classic case of conventional file transfer methods failing to protect enterprise from an attack.

As analysts have noted, MFT could have helped Target avoid the data breach by replacing insecure FTP scripts and centralizing control over automated file transfers. Antivirus protection is key to modern MFT’s underlying architecture.

How do virus and malware monitoring “work” in an MFT context? Here are some essential data security features, all of which we discuss in our white paper on eliminating insecure file transfers, that you should expect an MFT solution to provide:

Modern encryption – MFT products should encrypt files per Federal Information Processing Standard (FIPS)-verified and Advanced Encryption Standard (AES) algorithms.
File streaming – The demilitarized zone, or DMZ, refers to the open network across which files must travel during user-to-user and business-to-business transfers; an MFT solution should stream encrypted files across the DMZ rather than store them there in anticipation of forwarding them later.
Comprehensive authentication and authorization – This should apply to all users, servers, clients, and databases connected to the MFT network at any time.

Conventional file transfer methods rarely even approach the level of security these features provide. Still, you should accept no less in an MFT solution – especially when securing corporate data is an organizational imperative.

File integrity & compliance
To maintain compliance, many enterprises must ensure file integrity, and your MFT solution should be able to do so in accordance with industry standards. Keeping in mind that different verticals are subject to different rules, let’s consider file integrity in the context of healthcare data, which is subject to HIPAA regulations.

While healthcare management systems often apply all necessary data integrity safeguards by default, what about data in transit from a hospital to an insurance company? How can organizations guarantee the integrity of patient files once they’ve left internal systems?

Modern MFT solutions protect file integrity by performing the following functions:

Integrity checks – Through checksum or hashing, MFTs perform calculations for every file leaving the enterprise.
Access controls – These prevent unauthorized parties from modifying a file before it’s transferred.
Data encryption – A file’s contents are impossible to obtain as it crosses the DMZ.

HIPAA is just one class of regulation that requires file integrity verification, but there are many others. Organizations in the financial sector may be subject to SOX, PCI DSS, or GLBA rules, and their MFT solutions should accommodate the file integrity safeguards those laws require.

Interrupted file transfers
If there’s one MFT feature that any enterprise can get behind, it’s the ability to restart an interrupted file transfer.

Besides being outright annoying, interrupted transfers can lead to missed deadlines and damaged business relationships. Just think what might happen if an interrupted file transfer prevents a sales associate from accessing her demo files during an on-site meeting with a prospect.

Or don’t consider it. The outcome probably isn’t a happy one.

To avoid similar scenarios, automatic retries, checkpoint restarts, and guaranteed delivery should be standard components of your MFT solution. In the event of an interruption, the file transfer should restart automatically – not from the beginning, but from the precise point of failure. That way it won’t take nearly as long for the transfer to complete, which is a big deal when you’re transferring large files.

So just remember not to overlook security, compliance, and delivery features in a managed file transfer solution. They may seem like a small part of a sweeping feature suite, but they’re often the most essential components for business.

This is the seventh post in a 10-part series on managing file transfers. Read rest of the series here. Be sure to subscribe to our blog to receive the next posts.

Share and Enjoy

Should You Use Automated File Transfer or a User-Directed Process?

June 17, 2014

Automation puts file-transfer-dependent processes on the fast track. It’s how organizations integrate disparate systems to accomplish mission-critical tasks, and it’s an essential component of modern managed file transfer (MFT) solutions. But what about user-directed file transfers? Across-the-board automation may sound brilliant, but it’s not feasible for every business process. Enterprises often have no choice but […]

Read the full article →

Should companies really blow up their IT departments?

June 12, 2014

This provocative and well-written article appeared in the Wall Street Journal this week. WSJ later shared the piece to LinkedIn with an even more eye-catching headline, “Want a Better Company? Blow Up Your IT Department First.” An intriguing snippet from the piece: “Most companies are playing whack-a-mole when it comes to “unauthorized” software like cloud-storage services […]

Read the full article →

Mobile, Browser, and Email Client Access to Managed File Transfer

June 3, 2014

How easy is it for end users to access managed file transfer (MFT)? In workplaces dominated by familiar, yet shockingly insecure, file transfer methods – think email attachments, DropBox, and FTP – ensuring MFT’s broad adoption means prioritizing ease of use. Thankfully, modern MFT solutions provide the flexibility users need to perform secure, reliable transfers […]

Read the full article →

The Files Ruining Your Sharing Policies

May 23, 2014

Imagine your organization has taken all the right steps to protect its important files and information from outside attacks. Is that enough? Firewalls, anti-virus software and priority access protocols only cover file storage. What about file sharing? According to Ponemon’s 2013 Cost of Data Breach Study, the majority of information leaks aren’t caused by malicious […]

Read the full article →

What Managed File Transfer Options Are Available? On-Premise vs. Hosted MFT

May 21, 2014

A wide array of managed file transfer (MFT) options challenges firms to choose a solution that satisfies feature demands, infrastructure capacity, and budgets. The growth of cloud or “hosted” MFT further complicates the selection process by introducing additional considerations about maintenance, scalability, and costs. That being the case, how can you identify the best MFT […]

Read the full article →

How MFT Improves 3 Kinds of File Transfers

May 7, 2014

Wondering how you might use a managed file transfer (MFT) solution? The answer could depend on the kind of file transfer that’s creating challenges for your organization. To better understand the benefits of MFT, let’s consider three of the most common kinds of file transfers. In so doing, we’ll pay special attention to problems that […]

Read the full article →

4 Negative Impacts of Unmanaged File Transfers

April 22, 2014

At first glance, transferring files looks like a fail-safe operation. Users just attach files to an email, drop them in a shared folder, or upload them to a server via FTP. It’s easy, and people at your organization have done it the same way for years. Unfortunately, these familiar file transfer methods lack security protocols […]

Read the full article →

What to Expect When You’re Managing File Transfers: Houston, Do We Have a Problem?

April 8, 2014

In just a few short years, a handful of consumer-grade, cloud-based applications have made significant inroads in the file transfer space. With companies like DropBox boasting a $10 billion valuation and Google continuously improving the interface for its popular Drive service, cloud apps are, along with email attachments and FTP, a prevailing standard for file […]

Read the full article →