» 

Blog

Four Modern Alternatives to FTP Explained

Today's data-driven world is demanding, requiring accuracy, speed, integrity and above all -- security. It's a tall order to fill, and in the past, many organizations relied heavily on the legacy FTP protocol to transmit files. But over time, the security of this method has been tested by hackers.

FTP AlternativesFor example, a serious breach occurred at Yale University in 2001, when more than 43,000 user IDs were exposed and all data was carefully harvested from an FTP server. Acer customer details were stolen in a similar fashion the same year. And most recently, 7,000 FTP sites had their credentials circulated in underground forums, including an FTP server run by The New York Times.

Security and file transfers are a significant concern for IT security professionals, but what is the best way to safeguard your company's data?

Leveraging More Secure Options

As many organizations have evolved past traditional FTP, they are opting for modern and secure options for transmitting data, including:

SFTP. Also known as FTP over SSH, SFTP brings down the risk during data exchange by using a secure channel between computer systems to prevent unauthorized disclosures during transactions. Authentication of an SFTP connection involves a user id and password, SSH keys, or using both.  It is also firewall friendly, only needing a single port number to be opened.

HTTPS. Many sites are gravitating to HTTPS instead of the traditional HTTP, but what are the major differences? For starters, traditional HTTP doesn't encrypt traffic to your browser, which poses a security risk. In contrast, HTTPS provides an added encryption layer using Transport Layer Security (TLS). This creates a secure channel so the integrity of the data is not changed without your knowledge. HTTPS is ideally suited for file transfers where a trading partner requires a simple, browser-based interface for uploading data.

AS2. This is a popular method for transporting EDI data safely and reliably over the Internet. The AS2 generates an "envelope" for the data, allowing it to be sent using digital certifications and encryption. For example, Walmart has become well known for using EDI through AS2 and has played an important role in driving adoption in the retail industry.

Managed File Transfer. A method that supports the above options and makes FTP more secure is managed file transfer (MFT). This secure option streamlines the exchange of data between systems, employees and customers. Numerous protocols and encryption standards are supported, and MFT provides extensive security features that meet strict security policies to comply with PCI DSS, HIPAA, GLBA and other regulatory requirements.

MFT solutions provide advanced authentication and data encryption to provide secure and reliable file transfers. You can also track user access and transfer activity through reporting features.

Overall, managed file transfer offers the best option for securely managing the transfer of data quickly, efficiently with detailed audit trails. It's preventive, rather than reactive, which is what security professionals in today's environment need most.  


Single Sign-On Adds Simplicity and Integration to GoAnywhere Services 3.5

The release of GoAnywhere Services version 3.5 introduces SSO (Single Sign-On) support to our secure FTP software.  Those familiar with the technology understand the significance of this enhancement in improving security and simplicity in our HTTPS Web Client.

Single Sign-On GoAnywhere Services Today's workplace requires a growing number of usernames and passwords to access the company's network portal, webmail, benefits system, cloud-based applications, and much more.  This can lead to "weak" passwords or the overuse of a single password which, if stolen, can create vulnerability across multiple accounts.

SAML (Security Assertion Mark-Up Language) is an XML based open standard for authorization and authentication between an Identity Provider and a Service Provider.

Implementing SSO affords your organization a number of opportunities.  The addition of SAML v2.0 support, using the OpenSAML API, allows GoAnywhere Services to improve productivity, increase adoption, centralize user access control and add a uniform security layer.

In addition, SSO support now allows integration of GoAnywhere Services with both internal applications and compatible external applications.  For example, you can now regain control of documents storage in Salesforce.com while providing a simple and seamless experience for users.

Additional enhancements include two new languages, custom disclaimers for all languages and new Virtual Folder commands.

Expanded Language Support

Version 3.5 adds support for two new languages: Portuguese and Bahasa.  Linoma Software continues to evaluate requests for additional languages as part of our commitment to building a product that serves an international marketplace. This release also improves language support by accommodating custom disclaimers for each language.

Virtual Folder Commands

GACMD (GoAnywhere Command) received an update that improves the ability to create, update, and delete virtual files and folders across a range of web user and group profiles in GoAnywhere Services.  GACMD provides a way to programmatically send commands to GoAnywhere Services and our file automation solution; GoAnywhere Director.

A result of user feedback, this enhancement further improves the efficiency of GoAnywhere Services.      


New Secure File Sharing App for iOS and Android

Secure file management is now possible in the Bring Your Own Device (BYOD) workplace with the introduction of Linoma Software's GoAnywhereTM File Transfer app for the iOS and Android operating systems.

file sharing appThis new app enables users of Apple and Android phones and tablets to easily and securely connect with their corporate network to transfer files. The intuitive menus in the app allow users to upload or download without special training or technical skills.

"File management is a critical function in any workplace and, without a secure BYOD solution, users will find a workaround to maintain productivity," said Bob Luebbe, chief architect for GoAnywhere. "Delivering mobility tools that make it easier for workers to connect with corporate servers reduces reliance on policy enforcement to control data security."

As an enterprise solution for secure mobile file sharing, GoAnywhere File Transfer allows data to remain on company servers so no information is uploaded to the cloud. Employee access and permissions are controlled by the administrator, including LDAP and AD authentication for Android and iOS devices.

Because the mobile app connects with GoAnywhere Services - a secure FTP server for enterprise - all file transfer events are logged to meet compliance with SOX, PCI DSS, HIPAA and state privacy laws.

"We're always listening to our customers and this new mobile app is a direct result of that feedback," Luebbe said. "Our customers' trading partners and vendors can also use this app to exchange files with our customers' systems. It's a win-win for everyone."

The GoAnywhere File Transfer app is available for download now on iTunes and the Google Play store. It is free to customers licensed for the GoAnywhere Services HTTP/s module.

GoAnywhere Services -- part of the GoAnywhere Managed File Transfer (MFT) software suite -- makes it easy for trading partners, remote employees and other external parties to initiate encrypted file exchanges through standard protocols including SFTP, FTPS and HTTPS.


About Linoma Software

Founded in 1994, Linoma Software provides innovative solutions for managed file transfer and data encryption. With a diverse install base of more than 3,000 customers around the world, Linoma's focus on research and development, as well as customer service and support, contributes to its leadership in the software industry.

About GoAnywhere™ Managed File Transfer Suite

GoAnywhere™ is a managed file transfer and secure FTP solution that will streamline and automate file transfers with trading partners, customers, employees and internal servers. Enterprise level controls and detailed audit logs are provided for meeting strict security policies and compliance requirements including PCI DSS, HIPAA, HITECH, SOX, GLBA and state privacy laws.

GoAnywhere can be installed on most platforms including Windows®, Linux®, IBM® i (iSeries®), UNIX®, AIX® , and Solaris®, and supports popular protocols including FTP, SFTP, HTTPS, Open PGP, AES, and AS2.  NIST® certified FIPS 140-2 validated encryption is included to meet Federal guidelines.  An optional Secure Mail module for ad-hoc file transfers is available. The GoAnywhere solution is comprised of three products:

  • GoAnywhere Director™ - Managed File Transfer (scheduler, workflow automation, file encryption, etc.)
  • GoAnywhere Services™ - Secure FTP Server and optional Web Server
  • GoAnywhere Gateway™ - DMZ Gateway with Reverse and Forward Proxy

  More information and a free trial of GoAnywhere Services can be found at http://www.GoAnywhere.com.