» 

Blog

Posts Tagged with "AD HOC"

Sign Up for the FREE Secure File Transfer Webinar Series

Linoma Software is hosting a FREE October Webinar Series on the advantages of securing your system-to-system and person-to-person file transfer processes.  Please take a moment to register for one, or both, of these informative live presentations.

Webinar: Get Your FTP Server in Compliance

Get Your FTP Server in Compliance

Are you still running an outdated FTP server in your DMZ? Does your FTP server have the security controls and audit reporting needed to meet the latest PCI DSS and HIPAA compliance requirements?

GoAnywhere goes beyond a typical FTP server by providing the enterprise-level features and security you need to get compliant.

FREE WEBINAR: Now Available On-Demand

We demonstrate GoAnywhere and how to:

  • Use SFTP, FTPS and HTTPS for file transfers
  • Protect files at rest and in motion with AES 256 encryption
  • Set triggers to automatically process files
  • Control access to private and shared folders with granular permissions
  • Generate detailed audit logs and reports

Register Now


3 Advantages of an on-premises Solution for File Sharing

Are you looking for a better solution than cloud-based file sharing services like Dropbox to transmit sensitive company data?

Put an end to employees using unsecure cloud-based file sharing services. Improve compliance and cut the risk of sensitive company data falling into the wrong hands.

FREE WEBINAR: Now Available On-Demand

We cover the three advantages of an on-premises product for Enteprise File Sync and Sharing (EFSS):

  • Local management of user accounts and files
  • End-to-end encryption of files at rest and in motion
  • No monthly user subscription fees or storage limits

Register Now


Join us for these complimentary webinars to get a valuable tour of GoAnywhere MFT. Linoma's engineers will be on hand during the webinars to answer your technical questions.


Do Your Homework When Choosing a Managed File Transfer Solution

Linoma Software emerged as an early pioneer in MFT (managed file transfer).  Starting in 2002 with a solution for automating and managing file transfers, capabilities soon expanded to support encryption standards to help organizations protect sensitive and confidential data.

Companies of all sizes quickly recognized how MFT could help them establish centralized control over file access, streamline file transfer processes, and simplify compliance through detailed audit logs and reporting.  This has led to a surge in providers, each with their own flavor of MFT.

This increasingly crowded marketplace has made it difficult for IT security professionals to research and recommend the best MFT solution to meet their organization's particular needs.  That's why Linoma Software's chief architect Bob Luebbe believes so highly in the value of quality research like the recent report on the vendor landscape for MFT by Info-Tech Research Group.

research mft - info-tech-slides-stackedThe Info-Tech report entitled "Select and Implement a Managed File Transfer Solution" gives you the tools to fully explore your organization's requirements for MFT.

"Managed file transfer software is frequently purchased to meet the requirements of one initiative," states Luebbe, "but companies quickly discover the advantages of implementing MFT across all areas of file management."  Proper planning allows you to 'secure file transfers today and avoid worrying about tomorrow'.

Assembling a thorough assessment of system-to-system and ad-hoc file transfers across every department allows you to match current and future demands to MFT providers identified as leaders in those particular areas.

Choosing an MFT solution is an investment of both money and time.  "If you're not 100% confident in the software's ability to communicate with your existing systems and perform to your expectations, that should be reason for concern," Luebbe cautions.

"Install fully functional trial software on your own system, request a personalized demo where you can see the software in action and have the ability to ask specific questions, and always ask for references from customers using the software in a similar fashion."

Luebbe concludes, "Linoma Software believes in MFT's ability to help an organization achieve regulatory compliance, increase security and streamline processes.  It's important to us that everyone has a positive experience with this transformative technology."

Read the entire Info-Tech Research Group report on the MFT vendor landscape for yourself at http://go.linomasoftware.com/infotech2015.


GoAnywhere Gets Best Overall Value Scores for Server-to-Server and Ad Hoc Enterprise in Info-Tech Research Group's Study of Managed File Transfer Solutions

Info-Tech Research Group, an IT research and analysis company, has released a report naming Linoma Software's GoAnywhere managed file transfer (MFT) solution as having the highest Value Score of the MFT vendor group in Server-to-Server and Ad Hoc Enterprise use cases.

Info-Tech Research Group defines a Value Score as an index of "each vendor's product offering and business strength relative to its price point. Vendors that score high offer more bang-for-the-buck (e.g., features, usability, stability) than the average vendor, while the inverse is true for those that score lower."

Info-Tech Research Group released the findings in its report entitled, "Select and Implement a Managed File Transfer Solution," which lays out numerous criteria for designating MFT products and evaluating products in that market niche.

In particular, the report makes the point that "FTP is no longer a viable option" for enterprises with high-volume data transfer needs because of such challenges as difficult installation processes, no file delivery guarantee, limited storage-management options, user-training problems, increased risk, limited visibility, and lack of encryption.

Info-Tech Research Group evaluated different MFT software solutions for such attributes as speed, volume (capacity), security/encryption, and compliance with industry standards and governmental mandates. GoAnywhere received the only 100 out of 100 possible points awarded for Server-to-Server and Ad Hoc Enterprise in Info-Tech Research Group's Managed File Transfer Vendor Landscape.

Info-Tech Research Group's Vendor Landscape reports recognize outstanding vendors in the technology marketplace. Assessing vendors by the strength of their offering and their strategy for the enterprise, Info-Tech Research Group's Vendor Landscapes pay tribute to the contribution of exceptional vendors in a particular category.

According to the report, "With enterprise-level controls and rigorous audit logs, GoAnywhere ensures strict security policies and compliance regulations are met, regardless of industry. The product is FIPS 140-2 certified and is compliant with PCI DSS, HIPAA, HITECH, SOX, and GLBA. Its ability to connect and interface with multiple technologies provides a versatile solution in disparate environments. GoAnywhere's reverse proxy restricts which ports are open on your internal network. This is useful for all high security and regulatory environments."

Further details on Info-Tech Research Group's Managed File Transfer Vendor Landscape are available at http://go.linomasoftware.com/infotech2015.


File sharing needs to be easier for employees and more secure for IT administrators

It's the age-old file sharing dilemma: how do you make technology easy for end users without compromising the security protocols your company requires?

Workflows are moving at ever increasing speeds, and we're all trying to get more done in less time.  Employees are often juggling multiple projects at once and view having to follow complicated security protocols as an annoying speed bump.  They don't mean to be non-compliant.  They're just in a hurry and under pressure, so any shortcut they can find is tempting.

File sharing shortcuts may be easy, but are they secure?

When it comes to file sharing, especially sending sensitive files to vendors, customers, trading partners, or even other internal teams, those outside of the IT department will look for the path of least resistance.  How can I get this file to that person easily and quickly?

The answer tends to be one of two choices.  Employees will either attach the file to an email, or if it's too large, they'll try one of those free cloud-based applications like Dropbox, Box.net, or Google Drive.  As far as they're concerned, as long as the file gets to where it's going, that's what really matters. Most people in the office don't realize that email attachments aren't secure, and that the cloud tools may not meet the security compliance regulations that affect their organization.

GoAnywhere File Sharing WebinarUpcoming webinar provides a convenient and secure solution

Therefore, the challenge is finding a way to make it as easy for employees to share files securely as it is for them to use one of those shortcuts.  Fortunately, GoAnywhere has developed that alternative.

We're presenting a live webinar on Thursday, January 30, to show you just how easy secure file sharing can be.

Find out how GoAnywhere Services, the secure FTP server product within the GoAnywhere Managed File Transfer Suite, gives your employees a convenient way to share files as easily as with any other shortcut they've found.  The advantage is that those files are sent through a unique, encrypted HTTPS link that the recipient clicks to download the file.  In addition, the file transfer is tracked so that detailed audit reporting can be maintained in compliance with organizational and industry data security regulations.

Finding the right balance between convenience and security is the key to maintaining a great relationship between employees and the IT team.  


New Android Mobile App: GoAnywhere File Transfer at the Tap of a Finger

It used to be that when we left work for the day, we really left work.  With today's mobile culture, however, employees are staying on top of projects and communicating with customers no matter where they are.

Linoma Software found a way to make that a little easier by developing its new GoAnywhere File Transfer mobile application for the Android platform.

Now, GoAnywhere Services customers can securely exchange files with internal servers or trading partners using their mobile phone or tablet.  Trading partners can also download the app and access the customer's web portal to exchange files securely and conveniently.

The GoAnywhere File Transfer mobile app works much like GoAnywhere Services' ad hoc web client, and can also send files through Services' Secure Mail feature.  It is free to download from the Google Play store.

Here are some screenshots of the Android app at work:

GoAnywhere App ad hoc web client

From this screen, an employee could send or retrieve files by accessing the GoAnywhere Services ad-hoc web client.

GoAnywhere App secure mail

GoAnywhere Services customers can also send files right from their phones or tablets using the Secure Mail feature.

GoAnywhere secure mail module

As with the standard GoAnywhere Services Secure Mail module, users can choose from a variety of security settings before they send the secure email.

For more information about the GoAnywhere File Transfer Android app, you may read the official announcement, or contact us via email or by calling 1-800-949-4696. If you're not familiar with GoAnywhere Services, our secure FTP server solution that's part of the GoAnywhere managed file transfer suite of products, we'd be happy to schedule a demo with one of our product specialists.


Hacking and File Transfers: What You Need to Know

In the battle to secure information, it helps to know a little bit about how it can be compromised. Using FTP is one way to expose critical vulnerabilities that can allow credentials to be hacked. However, these holes in security can also be easily closed if you know how.

How Hackers Discover Vulnerabilities

Here's how hackers could access sensitive data sent via FTP.  With the use of a "sniffing" tool, an attacker could intercept and log any data traveling across the network. This log can then be analyzed to look at the content that was sent across specific TCP ports like FTP (port 21), as well as the user ID and passwords used to log in to the FTP servers that may have been sent as clear text.

managed file transfer, secure file transferStart with Networks, Routers, and Firewalls

To prevent this kind of hacking, the wired network can be secured by first making sure network ports are not available for public access, and then by separating network segments for sensitive servers and workstations.

However, many companies also have wireless networks where hackers just need reasonable proximity to the Wi-Fi signal, such as in an adjacent office or parking lot. Therefore, it is critical to secure wireless routers with WPA or WPA2 encryption options, rather than WEP encryption, which is no longer considered effective protection against hackers.

Once networks are secured, the next most effective tactic against hackers is to block all FTP traffic at the firewall. Then, for permitted file transfers, allow only secure encryption protocols such as SFTP, FTPS, HTTPS, PGP, or GPG for file exchanges in and out of the network. These security restrictions will deter most hackers.

Security Measures Can Be Challenging

Implementing these security measures is important, but it doesn't come without some challenges.  The IT staff will have to handle more complicated secure file transfer management processes, and users may be inconvenienced as files are transferred to people and organizations that need them.  As a result, users may look for a workaround for sending and receiving files to avoid being slowed down by the IT staff.  Popular alternatives users may try include email attachments or browser-based cloud services such as Dropbox that present a new vector of vulnerability as these options may not meet necessary security standards.

MFT Minimizes Hassle, Solves Security Vulnerabilities

There is a solution, however, that can provide not only the highest security for file transfers, but also create fewer hassles for both the IT department and the general employee.

Managed File Transfer (MFT) solutions increase data file security implementations and simplify the entire file management process by providing the tools for easily creating and managing all of the unique encryption keys for the company's various trading partners.  Access controls can be set up for authorizing each employee's file exchange requirements. MFT also provides a detailed log of all transactions so that any required audits may be easily fulfilled.

Some MFT vendors also provide intuitive and convenient email encryption solutions that can integrate with existing corporate email clients such as Outlook. This reduces the temptation for employees to use workaround tools that may bypass the security restrictions that have been put in place to prevent hacking of sensitive data.

Keeping data secure is an ongoing mandate that will only become more critical as industries move toward paperless environments. Adopting a managed file transfer solution is one of the best ways to strengthen your file transfer processes and security as the pressure and liability risks continue to grow.

 

Want to learn more about protecting data from hackers and data breaches? Read this informative whitepaper: Defending Against Data Breach: Developing the Right Strategy for Data Encryption.

 

 

 

 

 

photo credit: kryptyk via photopin cc
 
 


GoAnywhere Secure Mail Now Works with Outlook 2010

With the latest release of GoAnywhere Services 2.8.0, the development team included a plug-in that integrates Secure Mail with Outlook 2010.  This is great news for both the IT staff and everyone else in the organization who finds themselves needing to send files via email.

Whether we realize it or not, the simple act of emailing a file as an attachment can pose a significant security vulnerability, especially for organizations governed by strict compliance regulations.  Learn more in the previous post "Ad-Hoc File Transfers Present Challenges, Vulnerabilities."

For those unfamiliar with the GoAnywhere Services Secure Mail module, it allows users to send files securely by generating a unique, encrypted link that is emailed to the recipient.  The receiver can then click on the link to view or download the files via HTTPS.

The benefit for employees is that they can now send any files, regardless of size, through their Outlook 2010 email client, or they can use the web form that comes with the Secure Mail module.

Even better for the IT staff is the ability Secure Mail provides to track these ad-hoc file transfers and maintain thorough audit trails required by compliance auditors.  And, by implementing a secure mail solution throughout the organization, the IT department regains control over protecting sensitive data while eliminating the need for employees to use any of the free FTP tools they may have downloaded to their desktops or the various cloud applications popping up each month.

GoAnywhere Services Secure Mail WebinarIf you're curious about how GoAnywhere Secure Mail, looks, feels, and operates, check out our free 30-minute webinar on Wednesday, August 15, where Chief Architect Bob Luebbe will demonstrate how easy it is for even the least technically inclined person in your company to use it to send ad-hoc files. 


Data Breach Remains a Hot Topic for Media

During the past few years, the media has highlighted a variety of examples of the loss of private information by large companies either by theft or misuse.

One of the reasons for the increased media attention is the renewed focus on establishing and enforcing data breach notification laws which apply to companies that own, lease or store private, personally identifiable information. If that data is exposed to unauthorized use either by accident, cyber attack, employee misconduct, or other causes, most states require companies responsible for protecting that data to announce the data breach and individually notify everyone affected. Some states require that credit agencies are also notified.

data breach, managed file transferFor clarification, private data means any information that can be used to identify an individual, including sensitive information such as a credit card number, social security number, or health related data. T

here are a few exceptions to having to report the data breach. If the compromised files were encrypted while in transit across the Internet or stored on stolen backup tapes, for example, it is unlikely that the files could be unencrypted, so the individuals' privacy isn't as likely to be compromised.

A company that finds itself dealing with a data breach learns quickly that the process is not just embarrassing and costly (sending notifications, providing free credit reports, etc.), it can also damage the company's hard-earned reputation resulting in the loss of customers. The point is that companies are responsible - and legally liable -- for the information that is in their hands.

Securing File Transfers

Most companies use FTP (file transfer protocol) to send data files back and forth to their trading partners, vendors, remote employees, etc. Most often, FTP is used to send files that are too large to email.

However, file transfers like these are captured and compromised by data thieves on the Internet every day -- unless security procedures have been put into place to safeguard the files' data.

Companies need to implement procedures that secure both an in-motion process (files in transit over the Internet) and an at-rest process (files stored on servers or backup tapes). SFTP and FTPS protocols both secure the file while in motion by encrypting the communication link between two systems during the file transfer. PGP encrypts the file itself, protecting it while at rest on the server or backup tapes.

When addressing the challenge of sending ad-hoc files that are too big to email, finding a managed file transfer solution that includes a secure mail feature can mean the difference between an accidental data breach and a successfully delivered file.

Implementing these security procedures is a significant step organizations can take to greatly reduce their risk of data breach, and therefore their exposure to the financial liability and the loss of confidence of their customers and trading partners.  


Ad-Hoc File Transfers Present Challenges, Vulnerabilities

Regardless of industry or job title, most employees who sit at a computer screen all day have, at one time or another, needed to email a file that was too big to send.  For most people outside of IT, that posed a significant obstacle.

Take Betsy, for example. How could Betsy in Marketing send the CEO's requests for changes to the annual report back to the ad agency if the file was too large to attach to an email?   Fax it, maybe?  So old school!

secure mail, ad-hoc file transferBetsy is eager to do a good job and meet expectations, and hates depending on someone else to help her do something she perceives should be relatively easy to do -- like send a file as an email attachment.  Therefore, because her boyfriend told her something about FTP-something, she uses a search engine and finds a host of FTP tools she can download for free that promise to solve her problem quickly and easily.  Score!

Free FTP tools, browser apps, and cloud-based storage, oh my!

This scenario is replicated in thousands of companies every day.  Employees download FTP tools or use FTP features that "come with" their browser, and they rejoiced believing that their file transfer problems were solved.   Others created accounts on cloud-based file storage systems where they uploaded files and then sent an invitation to the recipient to download the file using a specific link.

Unfortunately, while a free FTP tool downloaded from the Internet might solve an immediate need, it often creates a host of other problems, and many of them go unnoticed because IT administrators are unaware that this is happening.

Here are just a few of the challenges for the IT staff:

  • Who has what tool installed on which machine?
  • Who provides support for these tools if there's a problem with a file transfer?
  • How are the file transfers secured to prevent data breach?
  • Who is monitoring what data is being transferred, by whom, to which recipients, and for what purpose?
  • How is the receipt of the documents confirmed?
  • How will compliance auditors view this approach to ad-hoc file transfers?

There's no easy solution -- or is there?

Company policies could dictate a variety of solutions.  They could block the download of any apps to individual desktops at work, and/or require people who need to do ad-hoc file transfers to register the tool and the relevant login data with the IT department for approval.  They could require that anyone who needed to send a large file make a formal request to the IT department and wait for someone there to send it via the company's official FTP software or managed file transfer solution. They could require all staff to sit through mandatory training to deter them from continuing this practice.

A more effective approach might be implementing a secure mail tool.  A trustworthy secure mail system will keep the files that need to be transferred stored securely within the organization's network, and will allow authorized users to email a unique link to a trading partner that they would use to access and download the files via an HTTPS secure channel.

Most of the cloud-based file storage systems provide a similar approach, allowing users to store their files and then invite others to view or download them using a link.

There are critical differences, though, between a secure mail system and the cloud-based apps.  Most importantly, secure mail gives control back to an organization's IT administrators so they can track file transfers and maintain audit logs, both of which are required by most compliance regulations such as HIPAA, PCI DSS, SOX and GLBA.  A secure mail system that is controlled by the IT staff can ensure that file transfer policies are followed, and can include additional security features such as requiring additional password protection, applying link expiration dates, and other features.

Bottom line

Most organizations want efficient workflows, employees who feel empowered to do what it takes to meet expectations, and assurances that the data they store and transfer is insulated from external threats.  A secure mail ad-hoc file transfer solution seems like a smart way to accomplish all of those goals.

GoAnywhere Services just released a new Secure Mail module, so check it out.