Check out this detailed review of WS_FTP Server 7.5 by Jason Moran on ServerWatch.com.
“When you need to exchange sensitive files with customers or business partners, simply tacking them onto e-mails as attachments isn’t an option — at least not if you’re governed by any of the alphabet soup of data privacy regulations. Rather, you need a secure file transfer product, such as Ipswitch’s WS_FTP Server 7.5.”
An April survey conducted by MeriTalk, a government information technology provider, titled “Why Encrypt? Federal File Transfer Report,” found that data security vulnerabilities at federal agencies are mainly due to employees’ use of unsecure methods to exchange information, such as File Transfer Protocol (FTP).
Specifically, the report shows that federal employees use unsafe methods to transfer files in the following ways:
66 percent use physical media (e.g., tapes, CDs, DVDs, USB drives, etc.).
60 percentuse FTP.
52 percent send work files through personal e-mail accounts (e.g., Gmail, Yahoo, etc.).
This article on Government Computer News goes on to mention the insecure methods of sharing data/information. This reinforces the need to deploy secure file transfer methods in not only government agencies, but in the private business sectors as well.
Ipswitch File Transfer recently released an Ad Hoc Transfer Module application that provides unparalleled governance, and allows end users to share information, with anyone, in a fast, easy, secure, visible, and well managed way.
Used in conjunction with any of the industry-leading WS_FTP Server products, the Ad Hoc Transfer module enables companies to proactively manage file transfer and other interactions. It also allows companies to create and enforce policies such as data and transport encryption, access control and authentication, data loss prevention, and content management.
Selecting a secure file transfer method can be a very critical component of your organization’s security policy — and even a requirement! Many different industries require compliance and regulations around how data is shared, transferred, uploaded, downloaded and stored from PCs to file servers.
This concise chart below provides a breakdown of the different secure file transfer methods available in most business-grade file transfer programs.
The WS_FTP Professional Security Guide provides more information around the different layers of security.
This new module eliminates the need for email attachments which burden corporate email servers. IT managers can use WS_FTP Server Ad Hoc Transfer Module to enforce file sharing policies and have full visibility into the company’s file sharing activities.
Ipswitch’s website has been updated with all the details and features of the new module.
The simple benefits are summed up like this:
1.Complete visibility into all file sharing activities 2.Proactively manage all file sharing interactions, both internal and external to the company, organization or domain 3.Enforce administrator defined policies and rules for sending files to other people 4.Remove the “file attachment” burden from the email server
A concise 2-minute overview of Ipswitch’s client + server secure file transfer relationship. This video describes old FTP processes, and how the environment has changed with encrypted transfers and stronger client to server security.
Large files, such as an architect’s blueprint or a software executable, can take longer to transfer. If you regularly transfer large files, you can use Multipart mode to speed up the transfer.
When in Multipart mode, WS_FTP splits large files into smaller segments and downloads all segments via different, yet concurrent, connections. This decreases the total download time for large individual files.
Check out the WS_FTP Tools Guide, page 7, for step-by-step instructions for setting up Multipart Mode
Nevada and Massachusetts have become the forerunners for data security recently. With the current data security regulation (1.0), businesses are required to notify individuals if there is a potential personal information breach which could lead to identity theft. This law is used mostly to set standards in responding to incidents but not in actually preventing them from occurring in the first place. As many may remember, the reason for the regulation in the first place was due mainly to the data breach that companies such as TJX, ChoicePoint, DSW and BJ’s Wholesale suffered. With TJX as their guinea pig, the Federal Trade Commission conducted a new wave of security referred to as Data Security Regulation 1.5. This made higher standards for business security that penalized any data breaches. However, it lacked an implementation of any technology to fight against this. Which brings us to Data Security Regulation 2.0.
New laws in the states of Nevada and Mass are looking to set specific standards which include the use of encryption when collecting and transmitting hte personal information of its buyers. On October 1, 2008 the Nevada law was effective saying that information was not allowed to be transmitted other than via fax unless encrypted which is defined as “requiring the use of cryptographic keys to decipher data.” Although Nevada is certainly a leader for security, it has nothing on the programs that Massachusetts is looking to install. They are bearing down on all levels of companies and considering each to be on the level of banks and their need for information security. Going much further than simply encrypting data, business must undergo operational requirements such as a developing a written information security program which must be approved by the standards of the Commonwealth of Massachusetts. Encryption according to Mass is more narrowly defined as “the transformation of data through the use of algorithmic process, or an alternative method at least as secure, into a form which meaning cannot be assigned whithout the use of a confidential process or key.” Due to the complexity of the law and complaints from business owners it will not be authorized until January 1st of 2010. Businesses that store personal information in electronic or paper from must abide by these laws and any violations carry a heavy fee of $5000.
These new laws are just the beginning of information security practices. It will be difficult to employ them, however, if all the standard vary state-to-state. It is the best interest of the businesses everywhere to begin to implement security measures that comply with Massachusetts since it is the strictest. Many enterprise leveled businesses and beyond have since begun to protect their name brand as well as their customer information by using ws_ftp and other file transfer products, which are in compliance with the law. Until there is one standard law for all businesses, every company from McDonald’s to the local icecream store should start encrypting.
Formerly FTPplanet.com, we have redesigned and relaunched as FileTransferPlanet.com, a community site for discussions about file transfer, web design, software deals, and other cool topics! Registration is free -- Post a question in the Discussion Forums or comment on any blog posts.
Monday, July 26, 2010
1
Loading ...
