Selecting a secure file transfer method can be a very critical component of your organization’s security policy — and even a requirement! Many different industries require compliance and regulations around how data is shared, transferred, uploaded, downloaded and stored from PCs to file servers.
This concise chart below provides a breakdown of the different secure file transfer methods available in most business-grade file transfer programs.
The WS_FTP Professional Security Guide provides more information around the different layers of security.
A concise 2-minute overview of Ipswitch’s client + server secure file transfer relationship. This video describes old FTP processes, and how the environment has changed with encrypted transfers and stronger client to server security.
The “client-server relationship” is a very common term when it comes to file transfer.. but what exactly is a “client” and what is a “server”? The networking of a “client-server relationship” involves a distributed application architecture that divides tasks between service providers known as servers and a service requester, or a client. Clients and servers generally operate over computer networks, such as office LANs or even the Internet.
The server is the more dominant machine in the relationship, being a high-performance host that runs one (or more than one) server applications. The server applications are what the client “talks to”. Applicaitons on the client system initiate communication sessions with servers.
Simply put, “client-server” describes the relationship between two computer programs where the client makes request to the server. This relationship is seen in such tasks as sending emails and accessing the web. Many business applications currently use the client-server model as well as the main Internet application protocols (HTTP, SMTP, telnet etc.)
The simplest type of client-server uses only two systems, a client and a server. This may also be referred to as “two-tier” and it allows for the sharing of files. Some examples of clients in this relationship would be web browsers, email clients,and online chat clients. Servers would include web servers, ftp servers, application servers, mail servers, file servers, and most web services.
Client-server architecture enables the responsibilities of a system to be distributed amongst several individual computers. These individual computers are accessed only through a network so it is easier to maintain and repair or even relocate a server without affecting the clients. Another benefit exists in that data is stored on servers which generally have greater security than clients. Servers can also control user access and resources. Client-server technologies are abundant in the world today, designed to ensure safety and security. One example of an innovater in this field is Ipswitch – a software company which has been offering FTP software since 1991. As the field of file transfer continues to grow, so will the need for safe servers and happy clients who together form a healthy, networked relationship.
File Transfer Planet discovered this nice review of WS_FTP at www.raakesh.com. One very useful point Raakesh has made is the fact that WS_FTP uses Secure Shell to protect passwords and information during transmission from the FTP client to the FTP server.
The sponsors of File Transfer Planet, Ipswitch, just announced a new Enterprise file transfer workflow engine, MOVEit Central Enterprise 7.0. It’s for companies managing thousands of complex and logical data workflows. This is certainly several levels up from the basic file transfer processes that we regularly troubleshoot here at File Transfer Planet.
Many organizations use firewalls or ‘gateways’ to separate their local network from the rest of the outside world. Access is limited, which means WS_FTP or your FTP client needs to be properly configured to work seemlessly with the firewall. A firewall usually requires configuration only one time. Check with the network administrator to retrieve data about the firewall and enter it in WS_FTP’s Firewall dialog screen under Tools. The data you’ll need: Name, Hostname, UserID, Password, Type, Port.
Ipswitch File Transfer has just released WS_FTP Server version 7.1.
There are a handful of pretty exciting new capabilities that server administrators will certainly appreciate…. But the one that has me the MOST excited is the new ability to run WS_FTP Server in a virtualized environment on the VMWare ESX platform.
Here’s a great quote from the WS_FTP Server 7.1 launch press release on the benefits of virtualization from Kevin Gillis, VP of Product Management for Ipswitch File Transfer:
“Virtualization has made its way into the mainstream and there is a wide variety of choices for virtualization open to enterprises everywhere. Its numerous benefits include added reliability, increased uptime, easier disaster recovery, server consolidation and a ‘green’ benefit of increased energy efficiency.”
Check out the complete list of new capabilities in the 7.0 and 7.1 releases…. And then give a free 30-day evaluation a whirl. If this is your first time using a WS_FTP Server secure file transfer solution, I think you will be very pleased with the security, performance and easy administration!
Not sure if you’re paying attention to the big RSA security conference held this week in San Francisco. I can tell you firsthand that the halls are buzzing with people looking to deploy more robust security solutions at organizations of all shapes and sizes. There’s lots of interest in trying to identify new encryption, Managed File Transfer, and identity solutions that will help enable the safe handling of company data and help businesses comply with various requirements.
All that being said, it will be interesting to see how today’s economic conditions will affect how organizations spend their scarce IT budget over the next year or so. Yes, everyone agrees that “security” is important. And yes, many companies are required to provide secure mechanism as part of corporate governance and compliance requirements. But the proof is in the pudding…. Will they spend the bucks to actually deliver improved secure solutions?
Here’s a very insightful article posted on the ITC Review blog written by Gary Shottes, President of the Ipswitch File Transfer Division.
Here are a few quotes from the article that really make you contemplate rules and regulations that force companies to take responsibilities for a data breach…. Not to mention the positive outlook that technology is available to be deployed by organizations to protect sensitive company information: “Many companies experience data breaches yet fail to tell their clients, let alone the authorities or police. The reason for this is due to the fact that the majority of companies realise they would expect to lose customers immediately, on a massive scale, if a data breach was revealed.
Security experts agree that employees not only need to change the way that they handle data but they also need to invest in software capable of controlling the movement.
File transfer provides the ability to encrypt files making it even harder for data breaches…. Hospitals, retail outlets and insurance companies are discovering the benefits of using these products to securely transfer data, especially with the size of the data being transferred and the ease of which transfers can be automated.“
Many FTPplanet readers have commented that there was a noticeable increased focus on SECURITY in my blog posts this year
And for good reason!
This article by BankInfoSecurity lists the top 10 security breaches of 2008. Pretty sobering to say the least!
Whether you are an individual at home, a small business, a large organization or anything in between, it’s pretty clear that you should take some precautions with your files and data to help ensure that your private information stays clear of bad people who are trying to do bad things.
In 2009, we’ll continue to focus on security and provide tips and insights on how you can protect your files and data from prying eyes.
The Aberdeen Group just published a new report on Secure & Managed File Transfer that I’d say is a must read for anyone interested or responsible for ensuring that their organization uses safe, reliable and compliant solution for both internal and external movement of company information.
Here are a couple of great stats from the paper:
o The number one driver for an organizations focus on Secure Managed File Transfer is “collaboration with trusted third parties”
o “Protecting data in transit” is the leading strategy being employed by best-in-class organizations investing in Secure Managed File Transfer
I think this quote summarizes the current business trend nicely and highlights the growing adoption of leading file transfer solutions: “Secure/managed file transfer is rapidly becoming a ubiquitous need — both between organizations and within organizations, both for regularly scheduled data transmission and for ad hoc collaboration — between partners, suppliers and customers everywhere.”
Two exciting new features are included in the latest release of WS_FTP Server 7.
Here the summary of FIPS according to Wikipedia: FIPS originates from the National Institute of Standards and Technology (NIST). It issued the FIPS 140 Publication Series to coordinate the requirements and standards for cryptography modules which include both hardware and software components. Federal agencies and departments can validate that the module in use is covered by an existing FIPS 140-1 and FIPS 140-2 certificates which specifies the exact module name, hardware, software, firmware, and/or applet version numbers. Secure Copy (SCP) simply enables secure file transfers using product supporting the Secure Shell (SSH2) protocol, such as PuTTY and OpenSSH, and provides easy interoperability with Linux and Unix systems. SCP can interactively request any passwords or passphrases required to make a connection to a remote host. This means that during an upload, the client feeds the server with files to be uploaded, optionally including their basic attributes (permissions, timestamps). This is an advantage over the common FTP protocol, which does not have provision for uploads to include the original date/timestamp attribute.
WS_FTP Server 7 is in a better position to deliver the industry’s highest security to help businesses protect the confidentiality and integrity of their data. More on the release of WS_FTP Server 7, can be viewed on the WS_FTP Server 7 product website.
Formerly FTPplanet.com, we have redesigned and relaunched as FileTransferPlanet.com, a community site for discussions about file transfer, web design, software deals, and other cool topics! Registration is free -- Post a question in the Discussion Forums or comment on any blog posts.
Wednesday, March 3, 2010
0
Loading ...
The server applications are what the client “talks to”. Applicaitons on the client system initiate communication sessions with servers.
Not sure if you’re paying attention to the big RSA security conference held this week in San Francisco. I can tell you firsthand that the halls are buzzing with people looking to deploy more robust security solutions at organizations of all shapes and sizes. There’s lots of interest in trying to identify new encryption, 
