I spent two hours on Tuesday morning with a CISO of a large international bank. He was exasperated and I felt, for the
first time in years, that I had actually delivered the holy grail of solutions. Let me explain further the highlights of our conversation.
The CISO has a dilemma. He has a directive to remove FTP from the bank, its networks and any connections to 3rd parties. Why? Obvious, FTP is insecure and no longer a viable or acceptable way to transfer information. Simple so far so where is the complication and problem? Simply move FTP to SFTP, FTPS etc. etc., I hear you cry! Well, yes, but it isn’t that simple and let me tell you why.
There are over 70 legacy applications that are being used by the bank that cannot use any other communication protocol apart from FTP. They cannot and will not be budged on this and this is the dilemma. So do you stop using the application? No, its business critical. So do you ignore the directive to remove FTP from the network? Well, it might be the only option – this was the position that said CISO found himself in. But was there another way?
Yes there was, and it was answer that gave me such a euphoric feeling. The solution was ConnectSecure by SSH. ConnectSecure is an FTP to SFTP converter that allows you to change all FTP connections into SFTP connections without changing the application or architecture. Simple, effective and easy to deploy.
The bank are taking an immediate proof of concept and SSH’s best kept secret is revealed! Now, I wonder who else would find this solution interesting…
Alternatively, download “FTP and the Financial Looming Hazard”, a White Paper from SSH, to learn more about the financial risks of FTP.