Filter by Category

Silence the Nagging By Securing Your Data

Compliance issues and the ever-growing list of compliance regulation acronyms (HIPAA, PCI DSS, SOX, etc.) are persistently nagging IT folks who must meet tough mandates and overly complicated rules. compliance, HIPAA, PCI DSS, data security

Of course, the real reason we must now pay so much attention to compliance is others' irresponsible abuse. Somewhere along the data strewn path, a few malicious malcontents had to succumb to the voice of greed and abuse their technological skill sets. All IT professionals' jobs are tougher thanks to those that through hacking, sniffing, or lifting data sources chose to steal and sell inadequately secured information.

The truth is, though, that "data" really is sensitive information and we live in a paranoid modern world where dastardly damage is done with a just a little twist of the facts. So in response to the cries of outrage among our citizens, politicians have wrung their bureaucratic hands and offered plenty of passing legislation designed to protect our data.

Because IT is responsible for the company's data, we need to stay abreast of the laws that apply to it. We also need to to fully understand and implement the three types of data protection: physical, transitional, and procedural.

Physical

Physical protection is probably the easiest. We secure the data on our servers, backup tapes and offsite facilities with technologies such as passwords, drive encryption, backup encryption, data center surveillance, physical locks, etc. We spare no expense in securing the physical because we can see it and believe it is secured. Or so we think.

Transitional

Transitional protection is a little more difficult. Any data files that leave our networks should be secured with managed FTP solutions that encrypt the files with SFTP, FTPS, HTTPS, PGP, and other protocols. Firewalls are set up to control what can leave or enter our data domain. DMZ secure gateways are set up to increase the virtual protection of the data and still allow designated users access to it.

Learn More: DMZ Secure Gateways: Secret Weapons for Data Security

Procedural

Procedural security is a type of data protection that is least understood and implemented. A clear and understandable security policy needs to be communicated to the end users so they become familiar with sensitive data is secured, and what consequences may loom if procedures aren't followed.

The majority of us in IT are protective about who has access to our own sensitive data, so we can understand the reason for protecting everyone else, too. Yes, it's a lot of work, but it's part of the new normal.

Meet various compliance requirements with GoAnywhere MFT:

Latest Posts


German DPAs Announce New Email Encryption Guidance

August 6, 2020

In May of 2020, substantial guidance on email encryption was issued by the German Data Protection Authorities (German DPAs) specific to personal data transferred via email. These guidelines recommend…


The Top 15 MFT Blog Posts You Need to Read

August 5, 2020

Get Your Reading Glasses On We know that you want to be the expert on how to secure data, move files securely, and follow best practices for your day-to-day file movement and security. Like many…


8 Real Ways Financial Organizations Use GoAnywhere MFT

August 4, 2020

GoAnywhere MFT is the Ultimate Asset for Banking and FinanceFor banking and financial organizations, protecting sensitive customer data and meeting compliance requirements for regulations is…


How Do MFT and DLP Solutions Fit Together?

July 30, 2020

Some software solutions work great alone. Some work even better together. Combining managed file transfer (MFT) with adaptive data loss protection (A-DLP) is one such pairing that creates an optimal…