Filter by Category

Data Breach Remains a Hot Topic for Media

Giant red lock reading data breach stands out among a sea of little blue locks.

During the past few years, the media has highlighted a variety of examples of the loss of private information by large companies either by theft or misuse.

One of the reasons for the increased media attention is the renewed focus on establishing and enforcing data breach notification laws which apply to companies that own, lease or store private, personally identifiable information. If that data is exposed to unauthorized use either by accident, cyber attack, employee misconduct, or other causes, most states require companies responsible for protecting that data to announce the data breach and individually notify everyone affected. Some states require that credit agencies are also notified.

For clarification, private data means any information that can be used to identify an individual, including sensitive information such as a credit card number, social security number, or health related data. T

here are a few exceptions to having to report the data breach. If the compromised files were encrypted while in transit across the Internet or stored on stolen backup tapes, for example, it is unlikely that the files could be unencrypted, so the individuals' privacy isn't as likely to be compromised.

A company that finds itself dealing with a data breach learns quickly that the process is not just embarrassing and costly (sending notifications, providing free credit reports, etc.), it can also damage the company's hard-earned reputation resulting in the loss of customers. The point is that companies are responsible - and legally liable -- for the information that is in their hands.

Securing File Transfers

Most companies use FTP (file transfer protocol) to send data files back and forth to their trading partners, vendors, remote employees, etc. Most often, FTP is used to send files that are too large to email.

However, file transfers like these are captured and compromised by data thieves on the Internet every day -- unless security procedures have been put into place to safeguard the files' data.

Companies need to implement procedures that secure both an in-motion process (files in transit over the Internet) and an at-rest process (files stored on servers or backup tapes). SFTP and FTPS protocols both secure the file while in motion by encrypting the communication link between two systems during the file transfer. PGP encrypts the file itself, protecting it while at rest on the server or backup tapes.

When addressing the challenge of sending ad-hoc files that are too big to email, finding a managed file transfer solution that includes a secure mail feature can mean the difference between an accidental data breach and a successfully delivered file.

Implementing these security procedures is a significant step organizations can take to greatly reduce their risk of data breach, and therefore their exposure to the financial liability and the loss of confidence of their customers and trading partners.

Latest Posts


Ransomware Attacks on Small Businesses: How to Mitigate

July 21, 2021

Small businesses are just as vulnerable as large enterprises to cyberthreats and ransomware attacks. Robust security defense strategies, including MFT, can help.


Defining What Extreme File Transfers Can Do for You

July 20, 2021

Learn what extreme file transfer (XFT) is and what it can do for your organization.


This Month in Cybersecurity

July 20, 2021

Ready to learn more about how to protect your organization from cybersecurity threats? Learn what’s new in the world of cybersecurity as well as how you can continue to implement preventative cybersecurity practices.


How Managed File Transfer Supports SWIFT Compliance

July 15, 2021

Any organization that handles sensitive financial data knows that secure transfers are essential to data security. Discover how a secure file transfer solution can support and enhance your SWIFT usage.


GDPR and its Relationship with Healthcare

July 13, 2021

GDPR establishes protections for the security of sensitive data for individuals in the EU. Read our blog to learn more about GDPR and how it impacts the healthcare industry.