Filter by Category

Hacking and File Transfers: What You Need to Know

In the battle to secure information, it helps to know a little bit about how it can be compromised. Using FTP is one way to expose critical vulnerabilities that can allow credentials to be hacked. However, these holes in security can also be easily closed if you know how.

How Hackers Discover Vulnerabilities

Here's how hackers could access sensitive data sent via FTP.  With the use of a "sniffing" tool, an attacker could intercept and log any data traveling across the network. This log can then be analyzed to look at the content that was sent across specific TCP ports like FTP (port 21), as well as the user ID and passwords used to log in to the FTP servers that may have been sent as clear text.

managed file transfer, secure file transferStart with Networks, Routers, and Firewalls

To prevent this kind of hacking, the wired network can be secured by first making sure network ports are not available for public access, and then by separating network segments for sensitive servers and workstations.

However, many companies also have wireless networks where hackers just need reasonable proximity to the Wi-Fi signal, such as in an adjacent office or parking lot. Therefore, it is critical to secure wireless routers with WPA or WPA2 encryption options, rather than WEP encryption, which is no longer considered effective protection against hackers.

Once networks are secured, the next most effective tactic against hackers is to block all FTP traffic at the firewall. Then, for permitted file transfers, allow only secure encryption protocols such as SFTP, FTPS, HTTPS, PGP, or GPG for file exchanges in and out of the network. These security restrictions will deter most hackers.

Security Measures Can Be Challenging

Implementing these security measures is important, but it doesn't come without some challenges.  The IT staff will have to handle more complicated secure file transfer management processes, and users may be inconvenienced as files are transferred to people and organizations that need them.  As a result, users may look for a workaround for sending and receiving files to avoid being slowed down by the IT staff.  Popular alternatives users may try include email attachments or browser-based cloud services such as Dropbox that present a new vector of vulnerability as these options may not meet necessary security standards.

MFT Minimizes Hassle, Solves Security Vulnerabilities

There is a solution, however, that can provide not only the highest security for file transfers, but also create fewer hassles for both the IT department and the general employee.

Managed File Transfer (MFT) solutions increase data file security implementations and simplify the entire file management process by providing the tools for easily creating and managing all of the unique encryption keys for the company's various trading partners.  Access controls can be set up for authorizing each employee's file exchange requirements. MFT also provides a detailed log of all transactions so that any required audits may be easily fulfilled.

Some MFT vendors also provide intuitive and convenient email encryption solutions that can integrate with existing corporate email clients such as Outlook. This reduces the temptation for employees to use workaround tools that may bypass the security restrictions that have been put in place to prevent hacking of sensitive data.

Keeping data secure is an ongoing mandate that will only become more critical as industries move toward paperless environments. Adopting a managed file transfer solution is one of the best ways to strengthen your file transfer processes and security as the pressure and liability risks continue to grow.

 

Want to learn more about protecting data from hackers and data breaches? Read this informative whitepaper: Defending Against Data Breach: Developing the Right Strategy for Data Encryption.

 

 

 

 

 

photo credit: kryptyk via photopin cc
 
 
 

Comments (1)

  1. Data Breach Incidents on the Rise in Healthcare:
    Dec 19, 2012 at 02:13 PM

    [...] « Hacking and File Transfers: What You Need to Know [...]

Add a Comment

Allowed tags: <b><i><br>

Latest Posts


Getting the Most Out of Your GoAnywhere MFT Trial

August 14, 2018

We know it’s crucial to get a solution up and running quickly during your evaluation period. You want to know if it works, what the benefits are, and how it will impact or improve your business…


Six Signs Your Organization Needs MFT Software

August 7, 2018

As organizations increase the amount of data they transfer between users, employees, and trading partners; cybersecurity and IT teams race to keep up. One wrong move, like the lack of file…


Monitor Your GoAnywhere Analytics with HelpSystems Insite

July 26, 2018

With a brand new release of HelpSystems Insite, GoAnywhere MFT administrators can now view key GoAnywhere analytics from Insite’s single-pane-of-glass interface. This integration allows admins…


What Do Industry Professionals Think of Cloud Security? Get the 2018 Guide

June 18, 2018

Whether you’re considering a public cloud deployment or already exist in some form of hybrid environment, you’re probably trying to keep a pulse on the ever-evolving topic of cloud…


Introducing GoAnywhere MFT 5.7: New Cloud Integrations and Other Features

June 15, 2018

The latest version of our secure managed file transfer solution is live! Today GoAnywhere MFT 5.7 released with a variety of new features and updates, including brand-new Cloud Connectors,…