Filter by Category

Why You Should Incorporate Managed File Transfer into Your Cybersecurity Strategy

protect internal data with managed file transfer

Managed File Transfer: A New Cybersecurity Strategy for Sensitive Files

Earlier this month, independent news platform Patch reported that Neiman Marcus, a department store chain in the US, has finally agreed to a settlement for their 2014 data breach. They’ll need to "pay $1.5 million and adopt measures to prevent hacks," measures that include the encryption of card data, the use of "industry-accepted payment security technologies," and the auditing and reporting of activity.

The original breach compromised over a quarter million of customers’ credit or debit cards.

While the Neiman Marcus data breach happened years ago, their failure to keep data safe from hackers and malware has harmed users perpetually (almost 10,000 cards were used after being stolen). And while data breach fines are often monetary, the request that Neiman Marcus fix the problems that led to their breach shows a valuable shift in breach prevention: it’s no longer enough to pay the fines. Poor cybersecurity strategies must also be improved to safeguard sensitive files in transit and at rest.

Why File Encryption for Sensitive Data Matters

Modern cyber incidents prove, again and again, that cybersecurity strategies and policies in industries like retail, healthcare, and even the public sector are not making progress fast enough. The threats and pitfalls organizations faced in the early 2010s are the same issues we’re facing in 2019: issues like malware, unencrypted data, spear phishing scams, and weak passwords.

Forbes reports that companies expect to "spend $93 billion" collectively on information security this year. "They keep pouring tons of money into protecting the network," the author states, but "the real crown jewels … are in the data that sits behind the network walls. That data is often not protected." That means there’s an increased interest in good cybersecurity practices, but organizations aren’t spreading that interest equally between their internal and external networks.

It’s not enough to lock the door. An organization’s crown jewels should also be kept in a vault. This ensures that even if someone gets inside, they won’t be able to heist their actual target.

In this case, the jewels are valuable customer information. The vault is encryption. And the security guard that puts the jewels in the vault is a type of cybersecurity solution called managed file transfer.

An Overview of Managed File Transfer Software

For a strategy that protects sensitive data and file transfers both in transit and at rest, we recommend using managed file transfer (MFT). MFT solutions already have a base foundation that, at minimum, keeps data secure and compliant with data security standards across the US and Europe. These standards include HIPAA, HITECH, PCI DSS, SOX, and the GDPR.

What is managed file transfer?

At its core, MFT is a type of solution organizations can use to meet their inbound and outbound file transfer needs. It uses industry-standard file transfer protocols (like SFTP, FTPS, and AS2) to send files securely in transit and uses encryption standards (like Open PGP and AES) to protect data in transit and at rest.

Why choose Managed File Transfer over free file sharing methods? Check out our blog and video here.

What does "managed" mean?

The "managed" in managed file transfer refers to how the software automates and streamlines the exchange of data for you, thus reducing manual processes and eliminating the need for any legacy tools and scripts you might have. Data (including documents, images, videos, and other files) can also be exchanged via MFT across your private networks, systems, applications, partners, and cloud environments from a single point of administration.

To learn more about MFT and how it differs from other file sharing tools, read this article.

MFT: The Perfect Solution for Your Cybersecurity Strategy

MFT software isn’t just for sending files between users and systems. It comes with many features and modules that can be used to automate processes, ensure secure connections, track file transfer activity, and more.

Here are a few key features available in most MFT solutions that can help you avoid a successful data breach:

File Encryption

Unfortunately, most organizations suffer a data breach because their internal files and data are not encrypted. The recent Marriott breach, for example, exposed over 5 million unencrypted passport numbers. Other breaches happen because of how files are shared. An email that contains an unencrypted file, for example, could cause a breach.

MFT solutions use integrated encryption technologies like Open PGP, SSL, SSH, and AES to secure sensitive data. Most also include a key manager that allows you to create, import, export, and manage your keys and certificates within the product.

Is Managed File Transfer Right for Your Requirements?


File Transfer Automation

User errors and manual processes can also cause data breaches. By automating the encryption and exchange of sensitive files, processes and workflows will run without user intervention. This is especially useful when dealing with a high volume of file transfers. With automation, files will get where they need to go (whether its trading partners, remote locations, or even the cloud), and every file will be encrypted out of the gate.

Note: Wondering about ad-hoc file transfers? Some solutions, like GoAnywhere MFT, also offer a secure email module that allows users to send one-off file transfers through a secure HTTPS connection. So while an ad-hoc file transfer is not automated, it’s still secure.

Auditing & Reporting

Managed file transfer solutions support auditing and reporting for compliance needs. All file transfer and administrator activity is stored and easily searchable. For organizations that need to report on file transfer activity to remain compliant with regulations and laws, the audit logs can be generated and distributed as PDF reports. This can be scheduled on whatever basis is required by your company’s leadership or business partners.

These managed file transfer features can help you protect your files—and there are many more to learn about. For further information on using MFT as a cybersecurity strategy for data breach prevention, check out our guide: Developing the Right Strategy for Data Encryption.

So, How Should You Get Started?

There are five steps we recommend taking to get started on incorporating managed file transfer into your cybersecurity strategy:

  1. Complete an audit of your current cybersecurity practices. Make note of which areas are putting you at risk, which areas are good, and which areas could use some improvement.
  2. Review your data breach and incident response plan. If you don’t have one yet, now is the perfect time to create one.
  3. Once you’ve looked at your incident response plan, read our Secure Managed File Transfer Buyer’s Guide for everything you need to know about finding, evaluating, and purchasing an MFT solution. An MFT solution will be part of your data breach prevention plan. Take it one step further by reading your peers' personal MFT success stories.
  4. Download a free MFT trial and see how it works in your organization. The benefits are almost immediate, from file transfer automation to solid data encryption.
  5. Build better connections between your network and web/cloud applications. If you decide to add MFT to your cybersecurity strategy, several solutions, including GoAnywhere MFT, offer built-in cloud integrations with applications like Dropbox, SharePoint, and JIRA.

A data breach isn’t written in stone for your organization. Don’t become the next statistic. Make 2019 the year you add managed file transfer to your cybersecurity strategies!

Latest Posts

How Azure Works with GoAnywhere MFT

March 1, 2021

What is Azure? Microsoft Azure is a cloud computing platform comprised of more than 200 separate products and cloud services. Most organizations use Azure to host sites and applications in the…

What is PeSIT?

February 26, 2021

What is PeSIT? PeSIT, short for Protocol d'Echanges pour un Systeme Interbancaire de Telecompensation (Protocol for data Exchange within the French Systems for Interbank Tele-clearance), is an…

What is GPG?

February 23, 2021

What is GPG? GPG, also known as GNU Privacy Guard (GnuPG), is a different adaption, but popular implementation of the Open PGP standard as defined by RFC 4880. GPG in Depth GPG is an open-source…

Is Transferring Files Through Email Secure?

February 18, 2021

You know the feeling. That need to cross your fingers and hold your breath when you hit “send” on an email, or at the moment you click on a link within an email with a pang of regret. While a…

Encryption for Exchanging Files

February 16, 2021

You seal the envelope when you send a letter. You lock your car when you park at the big box store. You track your packages to make sure porch pirates don’t get them before you do. Your file…