Posted on Nov 08, 2010 | Categories: Managed File Transfer|
Before looking for a managed file transfer solution, it is important to determine how data is currently being transferred from your organization. You should find out what users and applications are performing the data transfers, where the source of the data resides, how sensitive the data is, how the data is formatted for the partners and what protocols are used to transmit the information. If the files are encrypted or compressed before transmission, find out what tools and standards are being utilized.
After you've done your in-house analysis, then start a search for a secure file transfer solution that best fits your needs. Listed below are the Top 10 managed file transfer considerations.
- Platform Openness - To reduce the points of connection to sensitive data and reduce the risk of exposure to those without a need-to-know the MFT solution should be installed on the server operating system where the sensitive data and applications reside. If your corporate data mostly resides on the IBM i, then it would make sense to get a MFT solution that runs on the IBM i.
- Authorization Controls - To meet many compliance regulations, the MFT solution must provide role based access to limit user access to certain servers or MFT functions based on user credentials.
- Secure FTP - Plain FTP is not secure. The MFT solution must support both SFTP (FTP over SSH) and FTPS (FTP over SSL) protocols for secure FTP transfers.
- Encryption Standards - At minimum, the solution should support the industry standard encryption standards: AES, Open PGP, AS2, SSH, SSL, TLS and S/MIME.
- Database Integration - The MFT should readily connect to DB2, SQL Server, Oracle, MySQL and other popular database servers for extracting and inserting data.
- Data Transformation - Is the ability to translate data between popular data formats including XML, CSV, Excel and fixed-width text formats.
- Data Compression - Compresses and packages data using popular standards such as ZIP, GZIP and TAR to reduce transmission times.
- Application Integration - The MFT should provide commands and APIs for interfacing with your applications.
- Scheduling - Allows transfers and other MFT functions to be scheduled for future dates and times.
- Key Management - Does the MFT include management tools for creating, importing and exporting keys and certificates? Related Blog Post: What Qualifies a Product as a Managed File Transfer Solution?