By Hugh Garber -

Every company I’ve ever worked for has had their own set of rules from the IT group that employees are told to follow. And while the rules have certainly evolved over time as more and more complex technology becomes part of our daily job routines, one thing seems to have stayed constant — Not everyone follows all the rules all the time!
Here’s some nice commentary from CSO magazine titled “3 Reasons Why Employees Don’t Follow Security Rules“.
Gartner analyst Frank Kenny chimes in on the major reasons he believes that people don’t adhere to corporate security policies — and what they need in order to get on board with the rules. Frank does a great job of tying his thoughts back to today’s common employee need of having to share files and data…. And how doing so in a non-secure and rogue manner can certainly put sensitive company data and information at risk of being compromised.
Anyways, here are Frank’s 3 major reasons:
* They don’t know the rules
* If they do know the rules, no one is enforcing them
* Rules get in the way of productivity
Makes sense…. And sure does sound simple enough.
Can it really be that easy?

By Hugh Garber -

The Aberdeen Group just published a new report on Secure & Managed File Transfer that I’d say is a must read for anyone interested or responsible for ensuring that their organization uses safe, reliable and compliant solution for both internal and external movement of company information.
Here are a couple of great stats from the paper:
o The number one driver for an organizations focus on Secure Managed File Transfer is “collaboration with trusted third parties”
o “Protecting data in transit” is the leading strategy being employed by best-in-class organizations investing in Secure Managed File Transfer
I think this quote summarizes the current business trend nicely and highlights the growing adoption of leading file transfer solutions: “Secure/managed file transfer is rapidly becoming a ubiquitous need — both between organizations and within organizations, both for regularly scheduled data transmission and for ad hoc collaboration — between partners, suppliers and customers everywhere.”

By Erik Small -

Two exciting new features are included in the latest release of WS_FTP Server 7.
Here the summary of FIPS according to Wikipedia:
FIPS originates from the National Institute of Standards and Technology (NIST). It issued the FIPS 140 Publication Series to coordinate the requirements and standards for cryptography modules which include both hardware and software components. Federal agencies and departments can validate that the module in use is covered by an existing FIPS 140-1 and FIPS 140-2 certificates which specifies the exact module name, hardware, software, firmware, and/or applet version numbers.
Secure Copy (SCP) simply enables secure file transfers using product supporting the Secure Shell (SSH2) protocol, such as PuTTY and OpenSSH, and provides easy interoperability with Linux and Unix systems. SCP can interactively request any passwords or passphrases required to make a connection to a remote host. This means that during an upload, the client feeds the server with files to be uploaded, optionally including their basic attributes (permissions, timestamps). This is an advantage over the common FTP protocol, which does not have provision for uploads to include the original date/timestamp attribute.
WS_FTP Server 7 is in a better position to deliver the industry’s highest security to help businesses protect the confidentiality and integrity of their data. More on the release of WS_FTP Server 7, can be viewed on the WS_FTP Server 7 product website.

By Hugh Garber -

Here’s a nice post that summarizes the different flavors of the encrypted FTPS (FTP over SSL) protocol.
“FTPS is a name used to encompass a number of ways in which FTP software can perform secure file transfers. Each way involves the use of a SSL/TLS layer below the standard FTP protocol to encrypt the control and/or data channels.”
The posting then goes into a bit more of the technology details of AUTH TLS, Explicit FTPS or FTPES and Implicit FTPS…. and then SSL Certificates and some info on firewall implications.

By Hugh Garber -

Register for one of the upcoming live webinars to learn more about the new WS_FTP Server 7.
* Tuesday, Oct 7th at 2:00pm ET
* Thursday, Oct 9th at 9:00am ET
Kevin Gillis, Ipswitch File Transfer’s VP of Product Management, will highlight the new capabilities of the WS_FTP Server family and he’ll also give a live demo and answer any questions you may have.
I’m looking forward to seeing the new automatic IP blocking and anti-hammering capabilities in action…. And also the new FIPS 140-2 verified cryptography.

By Erik Small -

Did you know that you can change how WS_FTP behaves at launch? You can choose to:
- Open a blank workspace (ie: Do not connect to any saved server connections)
- Open a FTP connection dialog (ie: Asks what server connection you want to open)
- Open the last local and remote server folders (ie: WS_FTP opens the last local and server connections)
- Connect to your default FTP site (ie: Similar to choosing a browser homepage)
Choose the Options screen by selecting ‘Tools’ and then ‘Options’. The Options screen should open to the ‘General’ tab. Look for the ‘Auto Reconnect’ option and select from the drop down box.
Selecting to open the last server connections is probably a common preference if you’re working with a small number of websites.
More preferences are found in the WS_FTP Professional Getting Started Guide.