Managed File Transfer Workflow Automation

The data that is exchanged between organisations is often highly sensitive.

The challenge for the Security professional is how to make company information available whist preventing data breaches.

Originally FTP was inherently insecure as it was created 40 years ago, however vendors have worked to implement security and now File Transfer solutions can range from unsecure through to highly secure. The following summarises the key elements of what to look for in a secure Managed File Transfer solution, note that it is not exhaustive.

Note – a quick way to guarantee you are buying a secure product is to look for a solution that supports FIPS 140-2 Validated Cryptography
But – Make sure it also achieves the other things you require and that it is installed and set up correctly.

Anti-Hammering

Identify, log and automatically block IP addresses and subnets that attempt consecutive failed logon attempts.

Hardened Platform and OS

SSH Transfers

Transfer files over SSH protocol, which is firewall-friendly (uses a single port), supports inline compression for optimized file transfers, and maintains data encryption on all connections all the time.

SSL Certificate Support

Enforce Strong Password Policies

Encryption

Of files in transit and data at rest

Authentication

Force Secure Client-Server Connections

File Integrity and Non-Repudiation

Guarantee uncompromised delivery with file integrity checking

Minimum 256-bit AES encryption

256-bit encryption over SSL and SSH (SFTP and SCP2)