How to Choose the Right Encryption Method for Securely Exchanging Files

Angela:

Hello, everyone. Thank you for joining today's webinar on choosing the right encryption method to securely exchange files, where we're going to be learning about why encryption matters, how it works and how encryption with MFT or Managed File Transfer can be the difference between a secure file exchange and a vulnerable one. I'm here with my co hosts, Chris Spargen and Heath Kath. Welcome, gentlemen.

Chris Spargen:

Hi, Angela.

Heath Kath:

Hello, everyone. Hi, Angela. Hi, everyone.

Angela:

Before we kick things off, I'm just going to remind everyone that the event is scheduled for about an hour and we are recording the event. So we'll be sending that link out to you all afterwards, you can feel free to ask any questions throughout, that you have throughout the presentation. And we have some team members on the line, who will go ahead and answer those throughout the event. And then we'll try to save some time at the end to answer a few live. Finally, a survey will display at the close of the presentation, and if you can fill that out for us, it'll give us some valuable feedback on what parts of the presentation were most helpful. And you can also reiterate any questions that weren't answered during the live event. Okay, let me introduce you to our presenters. I want to advance to the next slide. Thank you. All right, so Heath Kath is our senior solutions consultant here at HelpSystems, working with our GoAnywhere Managed File Transfer product line.

Angela:

Heath provides pre sales support specializing in demos and proof of concepts. He's also a member of our professional services team providing additional training and assistance to our GoAnywhere users. And Heath's free time, he enjoys hiking with the family, fishing, hunting and coaching the high school trap shooting team. Welcome Heath.

Heath Kath:

Thanks.

Angela:

Chris Spargen leads our solutions engineering teams in HelpSystems managed file transfer division. And he has led customer facing technical teams for the GoAnywhere MFT product line for the better part of the past decade working in all facets of the technical support, professional services and solutions engineering. Chris has been fortunate to experience a multiplicity of customer deployments over his time and love seeing customers simplify their business processes by automating and securing their data. Chris loves the outdoors and spends his free time building, hiking and riding mountain bike trails with his family of six. Sounds fun. Thank you so much for being here with us today, Chris and Heath, I'm going to turn it over to you and you can take it away.

Heath Kath:

Sounds good. Thanks, Angela.

Chris Spargen:

Awesome. Thank you, Angela. I appreciate the introduction. You got a couple outdoorsmen today, everyone. So let's hop right into our agenda. We're going to cover how encryption works, walk through some common terms that you may have heard in the past and deep dive into those, really articulate why encryption matters, especially in our current day and age, with so many people using technology to interface with one another and sharing data. And then we'll walk through a live demonstration of a number of different file exchange or file transfer scenarios. And then we'll wrap it up with a Q&A as Angela alluded to. All right, let's hop into all things encryption. So at the end of the day encryption is all about encoding data. Messages or files, so that it's unusable or unreadable until it's decrypted.

Chris Spargen:

Typically, the stronger your encryption, the better off you're going to be. There are algorithms that will be out or encryption algorithms that will be out for about a decade if that, there're some that get hacked and are vulnerable before that. So as a general best practice, the stronger stance or posture you take around encryption, the better. It's been around for a really long time, actually. So I pulled some fun historical facts here about encryption. So the ancient Egyptians used a simple form of encryption, as did Caesar whose cipher stands is one of the most important examples of encryption in history. So Caesar used a primitive shift cipher that change letters around by counting forward a set number of places in the alphabet. It was extraordinary useful though, because any of the information that was intercepted by his opponents were then practically useless. So very interesting that before technology really had a foothold in our modern world, encryption was being leveraged. More recently, those standards such as open PGP and NIST exist to leverage encryption in our modern technology. This is an essential component to use in the internet today and retaining privacy. Next slide, please.

Common Encryption Terms

Chris Spargen:

All right. So we're going to get into the terms and I kind of grouped these from beginning to end for the most part. So if we start with plain text, this would be the most basic encryption term, which is simple, but just as important as the others. So plain text would be an unencrypted readable plain message that anyone can read. Moving into ciphertext then, this would be the result of plaintext being encrypted, or a result of the encryption process. The encrypted plaintext will appear as apparently random strings of characters, rendering them useless. A cipher is another way of referring to the encryption algorithm that transforms the plaintext, hence the term ciphertext. So then we get into encryption. This would be the process of applying a mathematical function to a file that renders its contents unreadable and inaccessible unless you have the decryption key. Decryption would then be, if encryption is going to lock the file for us, the decryption is going to reverse that process turning ciohertext back to plaintext.

Chris Spargen:

Decryption will require two different elements depending on what type of encryption and decryption you're doing, but that would include the correct password and the corresponding decryption algorithm. If we go into hash, or hashing, when a website encrypts your password, it uses an encryption algorithm to convert your plaintext password to a hash. A hash is different from an encryption in the fact that once data is hashed, it can't be unhashed. Or it's extremely difficult to do that. Whereas encryption is a two way function, hashing is a one way function. So while it's technically possible to reverse hash something, the computing power that's required makes it unfeasible. Encryption is meant to protect data more in transit, whereas hashing is going to be leveraged to verify that a file or a piece of data hasn't been altered. Think of it as kind of a checksum.

Chris Spargen:

Moving into salt or salting. So salting is a concept that typically pertains to password hashing. Essentially, it's a unique value that can be added to the end of the password to create a different hash value. This adds a layer of security to the hashing process, specifically against brute force attacks. A brute force attack is where a computer button attempts every possible combination of letters and numbers until the password's found. So when salting the additional value is referred to as a salt. And the idea is that by adding a salt to the end of a password and then hashing it, you've essentially complicated the password cracking process. All right. So we talked about keys a little bit and there's two... I guess to real quick explain, a key is a randomized string of bits that's used to encrypt or decrypt data. There's two primary key systems that you should keep in mind as it pertains to cryptographic key systems that are going to be essential to encryption technology. And that's going to be asymmetric, versus symmetric.

Chris Spargen:

So symmetric key system is going to be used to... You're going to use the same secret key or private key to encrypt and decrypt. A good example of this would be password protecting your Excel file on your desktop. You can use that within Excel, you own the private key, you know that password or that key to unlock that Excel file on your desktop. Now, asymmetric key systems introduced key pairs and that would include public and a private key when you establish your key pair. The public key would be leveraged for encrypting data, whereas your private key is going to be used for decrypting data. Professional tip here, you should never ever, ever share your private keys. Occasionally, we'll hear processes where customers may be creating their key pairs and sharing the private key out to their trading partner and holding on to that public key. That's really not a best practice. And if you ever do share your private key, it's advisable to change that key pair and issue a new public key to your partners at that point.

Chris Spargen:

Asymmetric key systems, think of open PGP or SSL certificates or SSH keys. These are all good examples of asymmetric encryption where a public key is going to be used to encrypt and can be shared with trading partners and then a private key is going to be used to handle the decryption process. So moving on, you may have also heard PGP or I just referenced it. This stands for pretty good privacy. It was created in 1991 by Phil Zimmerman. And it's really more of a collection of algorithms than a single one, all for hashing, data encryption and then both the use of public and private key cryptography. Each step of that uses a different algorithm. And even though the term pretty good privacy, you may wonder, that doesn't sound very secure. It's been around for multiple decades at this point. And because it's the collection of algorithms opposed to a single algorithm, you're able to leverage more secure algorithms, as algorithms become outdated, new ones come out and they're part of that PGP process.

Chris Spargen:

And finally, the email encryption. So this is something that there's multiple versions of this, you've probably heard about email encryption in a number of different ways. Typically, symmetric key encryption would be used from like your Gmails, your Outlooks in sending email messages to maybe a group of users or a single user. Other solutions will leverage email to send a message with a link that you then open up in your browser and access. And that's going to be decrypted to the recipient at that point, which would follow more of the policies of asymmetric encryption. So this could be files as well as a message body. Let's go to the next slide, please. Because I did want to just quickly illustrate a diagram of both symmetric as well as asymmetric encryption.

How Encryption Works

Chris Spargen:

So when we look at this, the notable things to take away from symmetric encryption would be if I go back to that Excel example I gave earlier, if I've got a plaintext Excel file, I password protect that Excel file and choose a form of encryption algorithm with that password protection, that password or the secret key is going to have to be shared with another recipient in order for them to take the ciphertext and turn it back into plaintext. With asymmetric, you can see a kind of a workflow there where we take a raw file, we encrypt it using a public key. So if it was one of my trading partners, it would be the public key that they provided to me, which is going to result into an encrypted file. If I send that over email, or FTP, or maybe SFTP, my partner would then receive it, they'd have an encrypted file, and then they are the sole owners, or hopefully, they're the sole owners of that private key, which they would then use to decrypt our file. And at that point, they have the raw file in its original format.

Chris Spargen:

So that's just a real quick overview of a lot of complex things that I just threw at you around encryption, but hopefully that helps everyone understand it a little bit better. And I'm going to turn it over to you, Heath.

Why Does Encryption Matter?

Heath Kath:

All right. Thanks, Chris. Yeah, I just have a few slides to run through, then I'm going to jump to a demonstration where I'm going to show a lot of different examples here today. So hopefully, looking forward to that. The idea here is about encryption, make sure everything's all secure and all that. And with this past year, we all know that 2020 has been remarkable in many different ways. Especially when it comes to really the surge in cyber attacks. COVID-19 pandemic has given us unprecedented opportunities to cyber attacks, to hack and break down the organization's IT infrastructure. Us here alone, we went from what? 25 offices to over 1000 offices worldwide because we're working in our I'll say remote offices, aka home. So that work at home working model adopted by each or by such organization has been attributed to the rise of cyber attacks. The security gap between the home and office network has played a key role to make way for those data breaches in this past 2020.

Heath Kath:

The issue has resulted in the theft of confidential information leading to loss of millions of dollars for several different organizations through those breaches. And today, I have a few different ones here listed for us, but those cyber attacks have come up in so many different ways, so many different ways, through trending, through phishing, cyber attacks, ransomware attacks and all that. And according to some security research firms, over 81 global firms from 81 countries reported data breaches in just the first half of 2020 alone. In fact, 80% of firms have seen an increase in cyber attacks for 2020. Of course, now we're going to 2021, coronavirus is alone blame for a rise of 238% in cyber attacks just on banks. Phishing attacks have seen a dramatic increase of 600% since just the end of February of 2020. Due to the pandemic, ransomware attacks rose 140% just in March compared to the previous year. So this continues to be pounded out with all these different companies, different organizations. And through some different researches out there, I found some information from Security Boulevard, ZDNet, Security Magazine.

Heath Kath:

So some of these breaches I'm listing here came from those different resources. They all have very similar content. How different companies were exposed. And I'm just going to run through here pretty quickly. Again, Microsoft was hit. We have IRS's tax refunds. A US resident was jailed for using information leaked through data breaches to file fraudulent tax returns worth $12 million. Email.it, the national Italian email provider failed to protect the data of 600,000 users, leading to its sale on the dark web. Wattpad, Dickey's, which is actually a US barbecue restaurant chain suffered a point of sale attack. They believe it was between July of 2019 and August 2020, three million customers have their credit card details later posted online. Whisper and several others. There's just so much out there. And a lot of these resources I read into is that now the prediction for 2021, which we're now rolling straight forward, head down, pulling through it. See how we can bounce back here from the coronavirus. But what will the cybersecurity landscape look like?

Heath Kath:

Any separate cybersecurity profession will tell you that cybersecurity is a moving target. And Hallenbeck, he also mentioned that organizations must continually reassess and redeploy their cybersecurity strategies, but many had to lower their guards in 2020. The realities of global pandemic resourcing and finances meant sidelining new security projects or accepting less visibility across the IT. And to stay ahead of the ransom attacks, Hallenbeck also said that organizations will need the ability to see to manage and to control each and every endpoint 2021. They need that security, they need to be protected in one way or another here with their data. And the encryption matters because cybersecurity threats exist and are continually growing in number. The threats, they could be just accidental. Internal staff sent you information by mistake that wasn't encrypted. These are inadvertently data leaks, but they are nearly half of the data loss incidents. Maybe it's that curiosity. Hey, you see a folder, so you click on it. And now you're seeing personal information about other employees. Maybe it's their social security numbers, maybe it's their salaries.

Heath Kath:

And then we have those hackers who deliberately are trying to access confidential information and sell those malicious threats out there. Many industries such as banking, healthcare and more, require encryption to ensure compliance requirements are being met. Locking the data down and away from both deliberate, malicious threats as well as from accidental mishandling is your best protection from huge financial loss, loss of reputation and the trust that you need out there. Why encryption matter? And what is the right encryption method? Several factors must be considered before choosing the encryption standard to follow. Chris earlier talked about all the different types and what they're for and how they can kind of be built. Well, how sensitive is that data being exchanged? How will the data be transmitted? Is it just FTP or secure FTP, email, HTTP, et cetera. Are the files large and should be compressed? What encryption methods should be used within that zip file? Should the files be encrypted at rest before the transmission or should the connection or the channel itself be encrypted or both in a way? And you have options there. What encryption standards do your trading partners support or require?

Heath Kath:

A trading partner may ultimately dictate the encryption standards of which you must follow and support. For instance, many banking and financial institutions require that customers encrypt files using open PGP encryption standards, but then also follow some type of a secure file transfer protocol. All right.

Live Demo

Heath Kath:

I don't want to throw in a lot at you just in text there and slides, they're not quite as much fun here as a demonstration. So I do have lots of examples for you guys to walk you through. So my whole thing is, sit back buckle up and that's here we go. So let me share my screen. Let me get on that one. All right. So right now, within GoAnywhere, we have a lot of different things that you can do and the different things you can set up regarding that security from both the users logged into GoAnywhere as the administration, which I'll be showing mostly today, but also for the end users. And this first example is about sharing some data, maybe has some sensitivity, some lower sensitivity or lower security information. Password protection is recommended, maybe it's needed, you'll find that edge.

Heath Kath:

Well, maybe you need to send your priceless essay to your customers over an email, you want it to be easy for these customers to open the file. Well, this priceless information is not extremely sensitive, you still would like to at least password protect it. Give it some security boundaries on it. So what am I doing here today, let me jump into some examples to walk you through one example right now on how we can set this workflow, a process, a project to walk through encrypting some files and send them out there. And we do have other webinars and we're be glad to give a demo if I skip over some areas here. But there's a lot I want to cover. So this first one here, this project, zip unsent file, let's go and take a look at it.

Heath Kath:

So this is your first actual demo or webinar of GoAnywhere, you're going to see we have actually four panes to work with to build this workflow, this process, a step-by-step process, maybe it's similar to your scripts and programs you've written in the past, but this is all graphical. It's drag and drop, double click to build this workflow. And we support variables, we have that in the far right side, we've got the project, really the attributes, the values of the parameters. The outline is that process, that flow that you want to follow. And then the compiler library, we have all these different tasks. Over 150 different tasks you can pick and choose. So this example, we have a workspace, we're going to create a temporary space to put some files in of which I can work with. I can manipulate, I can read through, I can grab it from there, send it out multiple locations, all from this temporary workspace.

Heath Kath:

So I'm going to create a workspace, I do have a timestamp variable, the variable is called today. You can use variables to rename files, to rename a folder, we've created a folder with today's date. A lot of different ways here. I got the pattern laid out, year, month, day. This first task is all about zipping. And if I go over to the left hand side compression, there's my zip task. And all it is a double left click or drag and drop to bring that in there. So it's pretty easy to get in there. Let me just make a little bit smaller, so I can get everything to fit on my screen. So get the label, the file. The files you want to ziP. These projects... Long story short, I would say should be automated. You want them to be kicked off automatically, either by a scheduled job, a folder you're monitoring or some type of a triggered event. So if that's the case, these files coming in, you could actually have a variable in here.

Heath Kath:

And maybe it's a single file variable, or a variable has a list of files. Of course, you can also hard code the path as well. What I did in this example, I have a file set. I'm going out to a folder, this outbound folder and I'm going to grab all the documents out of there. We make it really easy to navigate and to browse to those particular folders of which you want to grab those files from, those source files, which you want to zip up. They could be coming from a local directory, or something we really haven't gotten to yet, but these resources. Just think of them as another location you can get to, you can define a connection to, your S3 bucket, Azure Blob storage and network share, even a remote server, you can grab documents from there. So I got this path defined, I'm going to grab all the files, and I'm going to zip them up. And if you look closely, I have that variable name right there. So I'm going to call it daily zip and with today's date appended to it. I do have it password protected.

Heath Kath:

So I have applied a password. I can define the encryption method as well. So we got a couple layers of security there. And if I jump back, if you look over here on the left hand side, a couple different tasks. You can grab that zip file and transfer it to multiple locations if needed, or just one as well. Copy to location. So I'm using a copy task this time. Move to location, I'm moving it using just the move task. The zip file, I didn't point that out, but let me go back here really quick where I did the zip task, the very bottom, I created a variable. Now, think of this as a pointer to the files I just zipped up. The file I just created, the zip file. So I'm able to easily grab that zip file to point to it, to grab to it, I don't need to define that path to grab that file. That variable by the way, when you create a variable, is right over here. It's just drag and drop or double click to put that in there.

Heath Kath:

The destination. Again, you can browse, you can navigate to those different folders locations, those different resources to deliver it. In this example, I'm going to deliver to a customer's inbound folder and later on another example, I'm going to show you how the user can log in and download the zip file. And then you'll delete at the end. So I'm going to clean up these files that are temporary being created. I do recommend having some error handling built into it. What if something goes wrong? If something goes wrong in this example, I'm going to call this error module, and I'm going to perform these tasks that are built in here. You can add more tasks to it. But I'm going to send a quick email out. I got my from and to's in here, these are through some variables. In fact, these are folder variables that are defined ahead of time. The message information and even attach the job log.

Heath Kath:

And this is the system job log. Again, this is drag and drop that right into place there. You can validate it. At a high level, can you compile these projects, blue is good, execute it, run it. Those files were just zipped up and delivered. And very quickly just to summarize some files, put into the zip file with today's date and I delivered in two different locations there. Just like that. All right. To go on to my second example, I'm going to start in all of these resources, I teach a little bit all about those resources. And think about this here. To expand a bit more on this, you are the client, you are initiating the file transfers. Let's say you have a highly sensitive banking information and you need to send your company's payroll direct deposit information to the bank. Or you have information about a patient or a customer that is considered highly sensitive. Your employer wants you to encrypt the files with PGP, then to send information over FTP protocol like secure FTP. So that's what I'm doing here in this exact example for you. But to start off here, we have resources.

Heath Kath:

As I mentioned earlier, you can create a shortcut, a connection to these different location, different resources, different servers. S3 buckets, Azure Blob storage, maybe ICAP servers, your network shares, and you can start seeing these names here pop up for the ones that have been created and set up. The example I'm going to use today is this ABC server demo. So maybe I have a customer or server that I want to send to is called ABC, you're going to define what's required to connect up to that server. We got the IP address, or you can use the host name, the port number, the listing on profile password, maybe it requires a key. What's really nice about GoAnywhere? We have a built in key vault that allows you to manage these keys. You can create new keys, you can import existing keys right there and easily select them. So you're going to set up that connection information and we allow you to test it out. Let's make sure you can knock on that door and it'll open up for you. So blue is good.

Heath Kath:

Connections. You can define an automatic retry or recovery option. What if that connection goes down you have most of the file transferred? Well, if you set that retry, hopefully we can pick it up here and reconnect and resume that file transfer versus starting over. Different proxies and algorithms that may be required, context is basic information, but it's great, it's centralized. If you can't connect to a server, especially a trading partner or customer out there, who do you call? So you put a couple names in here. So you set up these resources that you can actually utilize within these workflows. So this second project, I'm going to actually use that resource. We got that temporary workspace, this time we have a new task we haven't touched yet, the PGP encrypt task. Again that comes right from the left hand side over here it's drag and drop or double click. We have the files again going to a directory. This time we do actually have a filter. I'm only going to include those files that are Excel type.

Heath Kath:

I don't care what the name starts with as long as it's XLS whatever, we're good to go. You can add as many filters as you want to include or exclude certain files and all that. Where I want to put these files, I'm going to encrypt. So we're going to put them right into this temporary workspace for now, I'm going to use my trading partners public key. As Chris mentioned earlier, you have your pair keys, right? Well, this case, the customer who you send it to, they will send you their public key. You encrypt with their public, you send to them, they have that private key, so they can decrypt it. So here we have that key right there. And by the way, once it's in the KMS, you can easily select it. So again, don't forget to import it into your Key vault. All right. And down below, I'm keeping track of those files again into variables. So those files that are encrypted, I'm calling this variable encrypted files, I got the original files here through a variable as well, that way I can utilize them in the following tasks.

Heath Kath:

I'm going to connect to my server, step one, we got that resource to find, select it, select your customer who you need to send us to. Transfer those files, take advantage of those variables, it makes it really easy. Just grab that variable, it's right over here, just drag it in there again. Let's see, we got the destination. And here when I click on those three dots to browse or navigate, it actually uses that resource. I'm connected to that server, to that remote server, that customers. And based on my permission, I can easily navigate to where I need to drop these files off at. Just select it, done. All right. In most situations, you probably want to delete the original files. So here we're going to delete the original files, just by throwing it in there.

Heath Kath:

You may catch that this is a different color, and just in case you did, I actually disabled this task because this is my test server, I don't want delete my files when I'm done, but in a normal situation you probably do. So once you transfer those files across, you want to either delete them or move them or something like that, if needed. And then I'm going to clean up the workspace. Again, validated it, run it, blue is good. And this has kind of jumped through pretty quickly here. It's a very detailed log, but four files were just encrypted. Above it, you can see each of the files, the names of them. Four files were uploaded to the target server. So now the customer has them and now they can get decrypted when they're ready to. This next scenario is more around just the authentication. We'll talk a bit more about this. Where maybe a signed certificate is required, your trading partner wants to exchange information with you over a secure FTP connection. They need to authenticate your company with a signed certificate.

Heath Kath:

Using a signed certificate to authenticate the connection, it makes them feel better they know exactly they're going to a secure site and all that. And you can start off by just sort of manage those certs, manage these keys within the KMS. So this is the KMS I'd mentioned earlier, you got your key vaults out here and you can start managing those certs, your SSH keys and PGP keys. Let me jump into this certificates. This is one way to get into it by clicking that 66 hyperlink there. But you can also just note, click on the cogwheel. Anyhow, here we have some certs out there. Here we have the GoAnywhere wildcard certificate signed by GoDaddy. I can see right there we have this cert, I can actually use this cert right there. When you create the certificates, if you need it to be signed, you create the certificate on the cogwheel, you can generate the CSR, send the CSR to GoDaddy, GlobalSign, DigiCert or some other provider out there. Give us a bit of money, we'll send it back to you and then you can import that CA reply.

Heath Kath:

So now you have that signed cert which you can use. Just so you know, here's that little cogwheel, same way you can actually manage those same areas to get into your certificates and keys, the hyperlink is there.

Chris Spargen:

Hey, Heath real quick.

Heath Kath:

Yeah, absolutely.

Chris Spargen:

One thing I'd add around our key management system in GoAnywhere is fair bit of applications will sometimes have their key stores on the file system. And one thing about our key management system is we do have a file-based key access if it's required for some reason, but typically keeping your key stores on the file system is not considered best practice. Instead, we retain it inside of our database, it's encrypted and one thing to point out with that, so just wanted to mention that.

Heath Kath:

That's a great point. Absolutely. So you do have options there as well. So, that's not a problem. So yeah. So you got file-base keys going with the KMS as well. So some really good options there for you. Just to show you some examples, again, time wise we'll keep moving right along. But within these resources, let's say you want to do that FTPS connection, you're the client, your initial connection to some other server out there using FTPS. Let me jump down into... I guess one has been set up. Getting information about that server, how to connect to it, but just to jump to it, the certificates tab, we have that Key vault, and there it is. Again, we do support file-based keys as well. So it's not a problem there, set it up to find it, select it, and you're good to go. How about you as a listener? If I jump over that really quickly? And I'll just pick on same thing, you have FTPS over here. So customers coming to your server.

Heath Kath:

And let's jump down to this right away, down the bottom, certificate location. So we have the key vault and we got the key selector right there. Again, with the key vault, we do make it pretty easy, where you select that key that's already been imported out there, that's set up out there. And just to show to you, that warm handshake, if you look up on top, it might be hard to see, but I have a couple of different sites I'm going to, you can see that padlock just left of my connection here through this HTTPS connection. This is a closed padlock, so we know it's a secure connection, you can also click on it, you can actually view the certificate and verify it as well. This one here has been signed by GoDaddy. Or if I jumped over here, pretty obvious, not secure. So we don't have a certificate that has been sign there.

Heath Kath:

It's just getting what do you want there, some sites may prevent you from connecting up again if you have to have that signed certificate. All right. So I'm going to switch gears in my next example. And again, this expanding a little bit more on encryption. So this example is actually a combination of different things, but throw together at you at one time here, but the idea is here. Let's say you need to protect the data at rest. One way, of course, is PGP encryption. Another way is to utilize our encrypted folders options. And within the encrypted folders, you can actually set up these folders to be encrypted, that is when data, these files, these docs are placed into these folders using GoAnywhere, they're automatically protected at rest with a AES 256-bit encryption easily and really seamlessly as well for the end users. They don't know it. So it's really easy to set up, you just walk through a little wizard, a few steps later you're done, you have that folder set up for encryption. So again, it's all about making sure your data is secure.

Heath Kath:

So let's say a customer or trading partner needs to upload a file to your server, once it lands you need to protect it, this is a great way to do that. They could be using FileZilla, they could be using our web client through our secure folders options. Let me just go ahead and log out really quickly just to show it to you. So you can actually have a web client page where these users can log into. And you can customize, you can rebrand this page making sure it's yours. You can have your own image, your own logo and disclaimers. So again, you can customize it. The user will security connect up here. If I typed in right, excellent I'm in. And they're going to see the functions that you set up for them, enabled for them, that is. What I want to demonstrate now, is run those folders to be able to upload a folder and keep it protected, keep it safe, right? So, that's the idea here. And I made a pretty obvious on this virtual folder name.

Heath Kath:

This is just a made up name, but I made it pretty obvious called encrypted, just to keep it simple for my self here today. But it's all about making sure the data is secure. They have this folder setup, that folder could be pointing to wherever you need to, for location wise, and it could be pointing to a folder that's set up for automatic encryption. ASE 256-bit encryption. And for my demonstration... Let me go hear, my screen's got buried. All right. I have a file I'm going to upload and start with that. There we go. Here's the file on my upload. It's just a basic file, I want to show it before I do it. Easy enough to read it there, some test data. But I am going to as a user. So think about this, this file could be coming from a user, it could be your own going out the door, whatever it is, they're going to upload this file, they're going to put this file into that folder that's set up for encryption. So we have that file right there.

Heath Kath:

Now, if the user would come through a backdoor, let's say a window explorer, and we go and refresh it. There it is. They try to open up that document. Again, we're protected at rest already. Depending on what type of document it is, it may open up with garbage, or it may just air up because it can't read it, it doesn't understand what's there, it thinks it's corrupted, whatever might be. And that's what we basically should get here, I think. And yeah, there it is. So it can't open it. Easy enough there. But now, within GoAnywhere, as long as you go anywhere to grab that file to download it. So another user login to download it, or an application within GoAnywhere, a project to move it around, it will be decrypted automatically.

Heath Kath:

What I'm going to show you to just to keep it simple, within GoAnywhere, as an admin, I have permission to download, there's a document, you can see the date and time there, I can grab it, download it. And now when I open it, it should go back to what we saw originally. And there it is. So great way to help you protect your data. As the second part of this example, we're going to go into actually back in workflows, these projects. Maybe have some larger files, sensitive files, you need to securely FTP it, or maybe email the doc. This project is very similar with what we ran earlier, but I have a little bit of a twist to it. Workspace, zip the files, again, you can apply these different passwords if needed.

Heath Kath:

So again, what if that document needs to be encrypted? Maybe you send out purchase orders that have some fairly sensitive information, maybe you have some larger files, or many, many files and you want to zip them together, compress them, right? The purchase orders could be sent over standard FTP connections, or maybe email. However, for better security, recommend zipping with a ASE encryption of which we did earlier. Maybe then after zipping that file, send an email out. Email with a password using secure FTP. There's a lot of good options here. So we have the zip task as we did earlier. So I don't need to walk you through all the way that, but I do want to point out, we've got some MP4 objects here, some bigger, larger files, zip them together, keeping track of them through variables. So we have the zip files, and then we're going to transfer it. I have two different examples to just kind of walk you through. This first one, using the secure email package.

Heath Kath:

File transfer, going to where, we can actually send out secure emails, of which the recipient will receive a link as I think Chris mentioned earlier, they can download the documents. I see we got that going out there, we also have... By the way, your source file right there. Maybe you want to transfer it using secure FTP, you got that resource, the customer, the server you want to connect to, transfer the files with this put element. Again, grab those zip files to that variable, really easy. And then we do delete the workspace and some error handling. This one here did run early... I actually had this one scheduled to run, I had it automated. And if I jumped to audit logs, this example three dashes zip. Let's see here, there it is. So this one here was scheduled to run at 9:00 am, and it ran and it's green check mark, so we know it ran successfully. And I can easily dive into that job log. And we can see what happened. Two files were just built or put into that zip file.

Heath Kath:

The zip file was then sent out. This first one here, this was that secure email, a packet was sent out. And then I followed by a put to a remote server, both were done successfully. We back it for a quick second, I'm going to tease you with something which I will walk you through this a little bit more later on. But that will help you secure email. If you look right above it, there's a secure email project that was kicked off. It was kicked off by a trigger by the way. And this one, which means that when this email went out, my documents were scanned, they were scanned for maybe viruses or scanned probably for PII. Do they have any PCI or for the data loss protection. And let me check to see if I got the email for your quickly here.

Heath Kath:

Hopefully I didn't delete it. I might have cleaned things up before the demo and I forgot that went out. That's right. But I'd get a link that would allow me to download those documents directly pretty easily there. This next one here... And this is my what? My fifth example roughly here, I have thrown some twists in each one of them. But I'm going to go into this server and walk you through another example. Within these workflows, you can do a lot more than just pushing and pulling of documents, or even zipping what I showed you so far, you can actually read and write to different file types. Maybe you have an EDI X12 file, or other types of documents that require a secure file transfer and maybe a confirmation of delivery. One way is through an AS2 file transfer type. The example that will walk you through is actually around EDI X12 files, the reading and writing.

Heath Kath:

You maybe need to read in or write out to those types of documents or others as well, like CSV, Excel, XML, and then deliver that document securely. Secure FTP or AS2, you have all those options right at your fingertips. What I'm going to do here, since we are talking about these EDI files, really quickly within the system options under add ins within GoAnywhere, you can actually browse our marketplace, you can browse the marketplace for different cloud connectors to be able to communicate with different web service applications. We have over 38, or at least 38 different cloud connectors out there allowing you to communicate with them. My example is actually on EDI. And we have over 8500 combinations of these. So if you have a 837, type that in there, and you can see all the different ones with different versions that we support. My example actually is on a 850, getting the different versions. Mine's on a 4010, so I'll be installing that one. But we have all that in the list as well. Once you have it installed, you'll see it listed there and now you can start using it within these workflows.

Heath Kath:

Actually, before I do that, let me jump into resources. I mentioned AS2. So we have the EDI file format installed, we also have the ability to actually communicate with other servers, trading partners through AS2, the AS2 push. I have that resource set up that I'll be using here in just a little bit. You have their information about their server to connect up the AS2 from and to IDs. And AS2 is heavily on your certificates, your keys and all that, the authentications and transfers, all those right there defined. Again, utilize your Key vault for those... Or file based as well. Test all that connection, again you all make sure it works before you start using it. And blue is good. So we know we're good to go. This one should be done here any second. All right. So now let's jump into that workflow. Now, these workflows, the idea of these workflows, getting to the project is to automate them. And under the workflow section, you do have the scheduler, you do have the ability to monitor and even triggers. Triggers are event based.

Heath Kath:

Triggers are nice, it's instantly soon as an event occurs, do something. As an example, or maybe first expand on it, you have all these different options you can react to. The one right now is to message received successfully, we have this trigger setup. I'm open up for any new services coming in. You can define your conditions. I'm looking for certain trading partners or customers or you have different things or different rules or conditions you can look for on those files being uploaded to a server. And then action. What to do when that lands there. When this event occurs. You have a list of events that you can do instantly from sending emails out to move them and renaming them, the files that is or call a project. So what am I do, we have an EDI file coming in, this is the file coming in. I'm going to put that information into a variable called AS2 file, which I'm going to be using here just in the project. I'll show you. So AS2 file variable will be passed to a project of which they can actually read this EDI file.

Heath Kath:

So now in the project itself, let's go into this one. All right. Read. This is coming from the data translation right over here, the left hand side. We want to do that read EDI, just drag and drop again, or double click to build that or bring that task into it. Here's that variable coming from that trigger. So, that file. The transaction set, it's like that transactions that you just downloaded, installed that you have to use for mapping. And then we're going to launch this mapping wizard to really build up that relationship, what information do you want to extract out of that EDI file? This one here is just the N1 data, the left hand side by the way, here's that EDI file. And you can see what information we're extracting out, is simply just drag and drop to bring it across there. It's just like that. So what we're doing, again, we're mapping up, we're extracting information from the EDI file and we're putting into a what we call a row set variable. This variable in this example is called N1 data.

Heath Kath:

N1 data is going to contain all this information that it can use later on. The one above it, actually has four other row sets to find containing information regarding the reference and the package data, et cetera. Once we have that information in those row sets, it's up to you what you want to do with them. Maybe you want to turn around and do an SQL, insert to a table, or what we're doing is right out to a document. So you can actually write to a CSV or an XL or XML or flat file, et cetera. If I just jumped down to write names, you can see we're building this file, we're taking that variable, N1 data building that file. So really quickly there, we can actually take the information and build out those documents as needed. Done, just like that. So again, all the information is created up there, I'm looking at the clock, so I better keep on moving. If you want to do the opposite, if you want to create the EDI file, you can do that as well.

Heath Kath:

All right. Let's take a little longer. Should click here to exit out. Here we go. And write it out. So same concept really, but reverse logic. You have the data in tables or spreadsheets, so you want to read in that data first. So I'm going to read in that N1 data, and I'm going to put it into row set. So you build these row sets and then you're going to write that particular row sets and write it into your EDI file. So the same thing there, we're going to launch a data mapping wizard, map it all up, this one will be a little more complex, but you're grabbing the information from each of those data sets and input it into your EDI file. So you build your mapping, getting drag and drop, et cetera. And you can see the relationship there. Once you have that EDI file built, I'm going to keep track through a variable and then you can send it out. Maybe you want to send it out using AS2. There's that EDI file, send it out.

Heath Kath:

Or maybe you want to use secure FTP. You have those options. You can set your trading partner, grab your file and send it out and then some error handling. And just like that, again, you can have the confirmation come back to the AS2 which is nice about that. The AS2 is like a round, robin lifecycle, encrypting file, signing the file, delivering the file, they're going to confirm it, make sure they can read it and then send you confirmation back, while we got the whole lifecycle being done there with the AS2, but again, all that information is being tracked, written to your detail auto log, so you can review the history of it.

Chris Spargen:

In real quick, Heath, I guess since we are on the topic of encryption, so AS2, we actually did a deep dive webinar of this and it can be found on our website under our webinars, which is under our resources page. But AS2 is a very... A lot of auditors love this protocol because it takes multiple layers of encryption. You're typically communicating over HTTPS, which means you can leverage TLS, version 1.2 with a strong cipher suite, in addition to using as AS2 leverage as SSL certificates to encrypt and sign. So similar conceptually to PGP, the file or files that get transmitted via a AS2, so you actually have two layers of encryption in both the communication as well as the file or files themselves being encrypted within the protocol. So I'd be remiss to not call that one out.

Heath Kath:

Good point. No, absolutely. There're some really good webinars out there, you can watch on demand and I'm sure we have more coming down the road. I have two examples left, I'm going to try to squeeze in here, I'm going to cut this one a little bit shorter because I want to show you the last one as well, regarding that zip file I sent out earlier in step number one, but this one here is actually utilizing an ICAP server and the one I'm using this year is Clearswift. Really it's a great transition here, we want to make it more integrated with GoAnywhere, but it allows you to scan those documents with an ICAP server like Clearswift. We can scan those documents for viruses or if they contain confidential information, and based on the information that we find out two different things. Because of time here, this first example is based on a trigger. So again, triggers are instantly ready to react to something that's occurring on your server. What I have set up right now is an upload successfully from a user transferring a file to your server.

Heath Kath:

And it helps to be in the right server. Let's try that again. As you notice, they all look the same to a point there. Upload successful. All right. And so we have a trigger setup in place. So if a user uploads a file to the server using HTTPS, or secure FTP, take some action. And you can grab all this information from that user and from the file that they're uploading and pass it into a project, a workflow to do something with it to verify it, et cetera. So grabbing all this information, pass it into a project and let's see. I need to go into this one. So long story short, we're going to take that information, we're going to connect to an ICAP server and scan those documents, scan that document, make sure it's clean there. We're going to grab that status, the status that's being returned is an ICAP status, an HTTPS status code. And based on what we find out, do different things. A 204 means it's clean, the file is good to go, let it go through.

Heath Kath:

Otherwise, the 200 or 400, we're going to block it, if it's a 200 and a 200 we're going to redact it. So let me just do this, I'm going to connect up. Oops. I'm going to look here.

Chris Spargen:

That's right. While you're setting that up, Heath, I'll just kind of fill that in. So the important piece of this is, as we've said, multiple times throughout this webinar, it's more than just a one off encryption task. Securing your data transmissions, this sometimes requires multiple approaches. So in this instance, we would be encrypting and protecting the data transmission, but what Heath was alluding to earlier, be it accidental or purposeful intent based on a user to user transfer type leveraging our ICAP functionality in a DLP solution, this can really help prevent sensitive information from leaving your organization. So part of HelpSystems vision here is we ultimately want to help all of our customers build a better IT. And having solutions that complement one another like this can really help you with your overall security posture. So...

Heath Kath:

Excellent. And as you guys can see there, I was kind of talking and walking along here, hopefully, you saw that. But that original file I brought up earlier had a social care number in it and now it's been redacted, it's being blocked, mass there, so it's safe and secure. Even the original doc that I showed, also, it's great. Again, it's seamless. So like I said, you're protecting yourself, especially with data that you're sending out. All right. We got about two minutes here. If you have any questions send them to us if you haven't yet. But my very, very last thing I want to show you is about that user logging in. And let me do it this way. I'm going to show you something here. It's going to be the profile. Different profile, I want to show you something here. You have user two, log in, you can set up... Let me do it right, I didn't type it in right. Set up multi factor authentication.

Heath Kath:

In this example here, we can send an email or text message, send it out. I'll get a quick six digit code, which allows me to log in and I got it. If I typed it in right, it will log me in. There we go, inbound from files. Earlier is example number one, I sent out that zip file with a password, I can download it. So if you think about this, the zip file went out to a trading partner or customer. And now we have that zip file and I can get in here... Let's see here. Right now if I just try to open up, it's going to be garbage, I can't do it. Let me go ahead in next. Extract all. Okay. And there is a password on it, so let's see here. Oh, hang on.

Heath Kath:

By the way there is that date timestamp applied to it. I did earlier, the renaming. But if I do the extract files, it's on a different screen and type in the correct password, it should open up just fine, unzip it, that is. Here they are. If I grab one quick object here... And there you go, you can read it. If I apply the wrong password, it will tell you pretty obviously, but I don't want to do it this time because of time. But let me jump back here. Again, there's a lot there, I went through a few examples pretty quickly. But a lot we can do with you guys there in sense of security wise.

Q&A

Chris Spargen:

Yeah, thanks, Heath. All right. So we had a couple questions come in. I know we're at the top of the hour. Happy to... As long as we have attendees still in asking questions, happy to continue this. So William had asked, with two factor authentication, can you set that up by user or group, or is it all or nothing? So you can do this on a per user basis and then you can scale that easier by leveraging our web user template functionality in that when a new user is created, if you've got certain users, or maybe it's your trading partners that need to leverage multi factor authentication, you can have that defined at the web user template layer. So great question.

Heath Kath:

Excellent. Yeah, absolutely. Are you seeing anything else out there? Are people still on board yet with us?

Chris Spargen:

Looks like Sabari has his hand raised. And we've also got a hand raising from Jennifer here. Angela, would you be able to unmute one of them at a time? I think Sabari had his hand raised first.

Angela:

Absolutely. Let me just log in here, find them in the list. I am not sure if I'm able to unmute him. Actually it's not allowing me to. But Sabari, if you would like to just post your question directly in the-

Sabari:

Hello.

Angela:

Oh, there.

Chris Spargen:

Oh, there you go.

Angela:

Thank you.

Sabari:

I have a question like, all the examples which you showed was encrypting a file when the file is present inside your system. So I have a requirement, there is an SFTP server source, and I want to encrypt the file at the source first, then start initiating getting the file or getting a file from the remote server? So how to do that.

Chris Spargen:

Got it. Got it. Yeah. That would be awesome if technology would allow us to encrypt over or I should say, decrypt over a communication layer like that via SFTP. But that, unfortunately is not a command that SFTP servers understand. So you would have to get that file via SFTP get before you could run your decryption process. Now, what some customers will do, because I think what you might be getting out here is before I move this into my downstream process is I want to make sure this files not malicious, or I need to make sure that it's decrypted. So one thing that customers will leverage for that is using a temporary workspace directory, or potentially having a quarantine folder where a file will land and then get decrypted, then get scanned or maybe packet inspection occurs, there's a few different manners in which you could go about making sure that the file is safe for processing. So that would be the way you have to handle that situation.

Sabari:

What about agents. So you have agents, remote agents where we can install on a remote server and that agent can communicate with our central GoAnywhere on port number 8009, I think agent.

Chris Spargen:

Absolutely.

Sabari:

So if we install an agent on the SFTP server like any remote server, then can the agent have the capability to encrypt the file at the source before agent transport the file to the GoAnywhere server?

Chris Spargen:

Yes, yes, absolutely. In that case if you take the SFTP protocol out of the mix, and you're leveraging our agents, our agents do have the PGP functionality on them. And that's actually something we are seeing more and more of, agents have been out for a number of years, but we are seeing more customers who want to take some of the manual processes out of their partner's hands and they're deploying agents to their trading partner locations. And because of the auditing, because of the file system restriction processes you can put in place for your agents, that gives your trading partner peace of mind being able to see an audit that you don't have access outside of the folders that you've agreed upon with them. So that's a great point.

Sabari:

Okay. And last question. I saw one base directory file set in the live demo you showed that there is a wild data how the pattern should be defined, include .XLS, can we define more patterns include .XLS comma separated .CSV, .PDF like that?

Chris Spargen:

Yeah, you can actually apply multiple filters. And so it wouldn't be comma separated, you just have to add additional filters. But functionally, it accomplishes the same thing. So you could define multiple extensions in that case.

Heath Kath:

Yep. And if you needed to expand it to see I have a file out there and it kind of meets that wildcard search, but you need to check it further, you can also do additional checking within the project, the workflow. You can parse out that file name.

Sabari:

Okay. Yeah, thank you.

Chris Spargen:

Yeah.

Heath Kath:

Thank you.

Chris Spargen:

Great question. Hi, Jennifer.

Angela:

I have unmuted Jennifer too. Yep.

Jennifer:

Okay. Hi. So you mentioned web client, we have a license for MFT. I wonder if web clients come with the MFT, or we need to buy additional license?

Chris Spargen:

Yeah, yeah, that's a great question. So ultimately, your account manager will be able to kind of explain the options. Our web client interface is the web page that is powered by our HTTPS service. There are four different modules within our web client that are each licensed individually. So just think of the web client as it's the web page that our HTTPS service represents. The functionality in there, like the secure mail, or secure folders, or GoDrive, or secure forms, those are all individually licensed. And your account manager should be able to help answer any specific questions around what you currently have and what it would cost if you want to leverage one of those modules.

Jennifer:

Okay, thank you. The reason I'm asking is, we are currently using a tool called EFT Express from a company called Globalscape. I don't know if you heard this tool or not. It's doing the similar thing. So we have MFT, we have the Global EFT Express as well. But I really feel the EFT Express is doing the things that your web client doing. So I wonder, what's the advantage of your web client over the EFT Express?

Chris Spargen:

Yeah, that's a great question. And this will be for everyone more broadly speaking. HelpSystems actually did acquire Globalscape. So those are very similar solution to GoAnywhere. MFT there are some differences between the two and that acquisition occurred within the last couple months, so we are currently defining what are some of those key differences between the two. I want to say, I guess if anyone else has this question, this is probably a conversation that is a little bit outside the scope of what we're covering today in our webinar, but we're happy to hold a separate meeting to discuss that with our Globalscape colleagues as well as our GoAnywhere colleagues and we'll be able to explain the difference more in detail and kind of see how you're using Express versus MFT. So that's a great question.

Jennifer:

Thank you. Yeah, I'm going to follow up with my account manager. Hopefully, your team can give us a demo for the difference. Because we are using two tools. I just wonder if it's necessary to using two tools, or just using one tool.

Heath Kath:

Right.

Chris Spargen:

Yeah. Great question. Hey, Heath, real quick, would you mind showing your MFT and since again, Eric, asked a question here about secure folders encrypting from the encrypted folder down or all folders on the same level as the encrypted folder, so I just wanted to point out with encrypted folders, when you define an encrypted folder here, that folder and sub folders will be encrypted. So once you define... Heath is walking through what it's like to encrypt the folder. At that point, we would need to simply define that folder under your user or a group of users kind of home directory structure. So what a lot of customers will do is our web docs folder that we ship with the product, that's kind of the area that by default will house all the unique user accounts, unique home directories. So typically, customers will encrypt that web docs parent directory, and then all of those sub directories that are created for each user account are automatically encrypted using the encrypted folder functionality.

Chris Spargen:

And the only way... And that's symmetric key encryption to kind of tie that back to what we were talking about earlier. So GoAnywhere holds the private key for that. And when a web user who has access to that folder, when they access that folder and try to download a file from it, if it's GoAnywhere, GoAnywhere will decrypt that file or files at that point to the end user. But if someone was tra... Let's say someone was traversing your file system that is encrypted and they try to grab that file from there, they're only going to get gobbly goo, they're not going to get any actual data because they didn't access it through GoAnywhere. And hence, GoAnywhere couldn't run the decryption process. So that's how we kind of secure that in use the encrypted folders. Great question.

Angela:

I know we have a couple other questions coming through the question pane, I also see another hand raised here by Bill who also did submit a question in the question pane. But Bill, I'm going to go ahead and unmute you here, if you have an additional question, please feel free to speak up otherwise, we can address some of the others.

Bill:

No, I didn't have a question per se, I just wanted to make a comment, the gentleman who raised the question a few minutes ago about can you encrypt a file remotely before retrieving it into GoAnywhere? And my thought was, I'm assuming he's talking SFTP, so he'd have SSH access to the server. So in that case, he could remotely run the encryption command via the SSH command object. Yes?

Chris Spargen:

That will depend if it's a true pure SSH implementation of the server. Some SFTP servers are pure SFTP servers and they're only going to support commands of SFTP, where others are leveraging SSH. And in that case, as long as that command was a command that the user could run, then yeah, theoretically, our execute SSH command task would be an alternative option to accomplish that.

Bill:

Okay. Just wanted to throw that out there because I've run into a situation similar to that where in my particular case, I needed to SSH to a IBM Connect direct server and run connect direct process, run submission proxy and then stats scripts. And the SSH command is what enabled me to do it. So I just wanted to throw that out there. That's all I had. Thank you.

Chris Spargen:

Yeah, way to think outside the box. Love it.

Angela:

All right.

Chris Spargen:

Let's see here. I think Leah Nelson, she posed a really good question about how do you deal with customers who are maybe using old versions of PGP, that are no longer considered secure. So this is kind of the yin and yang of security. And this is something that we do see from time to time. So I've seen customers handle this a couple different ways. One is honestly, just talking through the process a bit with their partner, getting a timeframe of when do you think that we can realistically get a newer version in place because we don't feel comfortable. And neither most larger customers would agree, "Well, yeah, we don't necessarily want to run on deprecated protocols, because that's a security risk." And nobody wants to be in the news due to running legacy versions of software, where they could have prevented a security issue or a hacking situation.

Chris Spargen:

So what some customers will do to overcome this is they will run older versions of GoAnywhere, and I have even seen running a specific version of GoAnywhere to remain compatible specifically with that trading partner while using a newer version of GoAnywhere to facilitate their more recent trading partners. So I have seen that, GoAnywhere does play well, if you have multiple instances of GoAnywhere deployed, it does play well. I guess the better probably answer to this would just be that any part of moving newer processes ahead, is going to introduce this potential for in compatibility, right? This is part of the security game where Heath said earlier, it's a moving target. So typically what I recommend, and the best way to head off issues like that is to kind of establish an agreed upon internal SDLC type process with GoAnywhere where you've got a development or test environment, where you can install newer versions of the product and run that compatibility check before you're actually in a position where you need to migrate into your production environment, the latest version.

Chris Spargen:

And that allows you to have that conversation before it becomes quite as urgent, you're able to have some discussions with your partner around, "Okay, when can you realistically get upgraded?" And again, usually pointing to this is a security vulnerability, surely you guys are going to address this at some point down the road, right? And typically, we find that that conversation that occurs, if it's not as urgent, meaning you have an upgraded production and now you've got a production issue, it's happened in the UAT environment, and maybe you're still three to six months away from incorporating the latest version of GoAnywhere into your production environment. That allows that conversation. It just gives you some grace period, if you will, before it's as critical of an issue. But optionally you could leverage an older version of GoAnywhere if it is a partner that can't upgrade for let's say, a year or two, but there are multiple options for that, happy to have a deeper conversation around that in our professional services team, they deal with these consultative type conversations day in and day out and they've seen a lot of different customer deployments.

Chris Spargen:

So anytime if you want to have a deeper dive into how to architect or solve that problem, we're happy to have that conversation. Great questions.

Angela:

Yeah. Well, I know that we're significantly past the time, I know that there are a handful of questions that we still have out here, give the time, I think that we'll follow up with the remaining questions outside, unless you see any others that you want to answer quick.

Chris Spargen:

Yeah. I was going to suggest since we did run over a bit like this, we're happy we have a record of all the questions and anything we didn't get to today, we will follow up with that. And I guess I just want to round it out by thanking everyone for their time. It's always good when people are willing to stay after, it shows you're engaged and we really appreciate your attendance with this today. I hope it's been beneficial for you all. And any questions you have, there's our contact info, get a hold of us. And yeah, go forth into 2021 with security as top of mind.

Angela:

Awesome. Thank you both for presenting today. I really, really appreciate it. And thank you, everyone for staying online, all the great questions, really appreciate it and we'll talk to you all soon.

Heath Kath:

Thanks, everyone. Stay healthy, stay safe, stay secure. Bye.

Chris Spargen:

Absolutely.

Angela:

Bye.

Chris Spargen:

Take care.