Filter by Category

Ad-Hoc File Transfers Present Challenges, Vulnerabilities, and More

Regardless of industry or job title, most employees who sit at a computer screen all day have, at one time or another, needed to email a file that was too big to send. For most people outside of IT, that posed a significant obstacle.

Take Betsy, for example. How could Betsy in Marketing send the CEO's requests for changes to the annual report back to the ad agency if the file was too large to attach to an email? Fax it, maybe? So old school!

secure mail, ad-hoc file transferBetsy is eager to do a good job and meet expectations, and hates depending on someone else to help her do something she perceives should be relatively easy to do--like send a file as an email attachment. Therefore, because her coworker told her something about FTP-something, she uses a search engine and finds a host of FTP tools she can download for free that promise to solve her problem quickly and easily. Score!

Free FTP tools, browser apps, and cloud-based storage, oh my!

This scenario is replicated in thousands of companies every day. Employees download FTP tools or use FTP features that "come with" their browser, and they rejoiced believing that their file transfer problems were solved. Others created accounts on cloud-based file storage systems where they uploaded files and then sent an invitation to the recipient to download the file using a specific link.

Unfortunately, while a free FTP tool downloaded from the Internet might solve an immediate need, it often creates a host of other problems, and many of them go unnoticed because IT administrators are unaware that this is happening.

Here are just a few of the challenges for the IT staff:

  • Who has what tool installed on which machine?
  • Who provides support for these tools if there's a problem with a file transfer?
  • How are the file transfers secured to prevent data breach?
  • Who is monitoring what data is being transferred, by whom, to which recipients, and for what purpose?
  • How is the receipt of the documents confirmed?
  • How will compliance auditors view this approach to ad-hoc file transfers?

There's no easy solution--or is there?

Company policies could dictate a variety of solutions. They could block the download of any apps to individual desktops at work, and/or require people who need to do ad-hoc file transfers to register the tool and the relevant login data with the IT department for approval. They could require that anyone who needed to send a large file make a formal request to the IT department and wait for someone there to send it via the company's official FTP software or managed file transfer solution. They could require all staff to sit through mandatory training to deter them from continuing this practice.

A more effective approach might be implementing a secure mail tool. A trustworthy secure mail system will keep the files that need to be transferred stored securely within the organization's network, and will allow authorized users to email a unique link to a trading partner that they would use to access and download the files via an HTTPS secure channel.

Most of the cloud-based file storage systems provide a similar approach, allowing users to store their files and then invite others to view or download them using a link.

There are critical differences, though, between a secure mail system and the cloud-based apps. Most importantly, secure mail gives control back to an organization's IT administrators so they can track file transfers and maintain audit logs, both of which are required by most compliance regulations such as HIPAA, PCI DSS, SOX and GLBA. A secure mail system that is controlled by the IT staff can ensure that file transfer policies are followed, and can include additional security features such as requiring additional password protection, applying link expiration dates, and other features.

The bottom line

Most organizations want efficient workflows, employees who feel empowered to do what it takes to meet expectations, and assurances that the data they store and transfer is insulated from external threats. A secure mail ad-hoc file transfer solution seems like a smart way to accomplish all of those goals.

GoAnywhere MFT just released a new Secure Mail module, so check it out.

 

Comments (1)

  1. GoAnywhere Secure Mail Now Includes Outlook Plugin:
    Aug 03, 2012 at 12:08 PM

    [...] Whether we realize it or not, the simple act of emailing a file as an attachment can pose a significant security vulnerability, especially for organizations governed by strict compliance regulations.  Learn more in the previous post “Ad-Hoc File Transfers Present Challenges, Vulnerabilities.” [...]

Add a Comment

Allowed tags: <b><i><br>

Latest Posts


Why You Should Never Use FTP to Transfer Cloud Files

March 7, 2019

The cloud has become an increasingly popular topic among organizations in recent years. From sharing projects via cloud collaboration tools to exchanging files between a company and its trading…


Public Defender’s Office Reduces Manual Data Entry with Secure File Transfer Software

March 4, 2019

Every organization has legacy processes. Manual data entry, file cabinets full of paper records, sensitive documents sent across the organization by email, or even file transfers sent via homegrown…


Five Secure File Transfer Alternatives to FTP

February 21, 2019

The Need for Secure File Transfer Protocols Back in the day, File Transfer Protocol (FTP) was the go-to protocol for sending files. It was a simpler time, and security was far less of an issue than…


Which is Better: Free SFTP Software vs. Enterprise-Level SFTP Software?

February 14, 2019

Free SFTP Software vs. Enterprise-Level SFTP Software In general, people like free things. Beverages, company lunches, swag at tradeshows and conferences, t-shirts and socks, those intriguing items…


What is Secure File Transfer?

February 5, 2019

Moving sensitive, often-proprietary files from one person—or organization—to another has become a complex aspect of the business world today. This complexity comes not only from the size…