Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »
Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.
  • 2 March 2011 14:47

How to avoid those secure file transfer blind spots

To mitigate the risks and gain more agility and value from existing IT assets, an organisation needs to be able to capture file transfer events.

By John Lee, Regional Sales, Pacific, Axway

Organisations that cannot monitor and track how information moves throughout their trading community ecosystem, from start to finish, face multiple risks and repercussions whose effects can be serious and far-reaching.

Perils include data losses and breaches, regulatory violations and fines, missed business opportunities, and damaged brands as well as partner and customer relationships.

In any business interaction, data is a living, breathing entity. Whether it supports an order, claim, or payment transaction, represents your products and services, or actually forms a product or service, every bit of information drives a business process lifecycle that has a beginning and an end.

On average, 80 per cent of an organisation’s information is contained in files, many of which are constantly on the move between people, systems, and applications — both inside and beyond the enterprise firewall. It is here that dangers lurk.

To mitigate the risks and gain more agility and value from existing IT assets, an organisation needs to be able to capture file transfer events, and provide information about them in the right context, to the right people, at the right time. This can eliminate managed file transfer (MFT) blind spots with end-to-end visibility for IT staff, business managers and trading partners. This allows them to better manage and predict cash flows, improve quality of service, and reduce costs throughout the data exchange infrastructure.

There are five steps towards gaining granular visibility into an entire file transfer ecosystem.

1. Most accidents happen within five miles of home.

Despite the notoriety of Internet-related security threats, the largest risk of compromise lies inside a company’s four walls. Even if accounting, inventory, payment, product, customer and sales data isn’t travelling beyond the firewall, an organisation still needs a secure solution that allows the monitoring, managing, tracking, analysing, and auditing of internal movements.

The most effective MFT solutions enable companies to securely transfer and track files internally between disparate hardware and software platforms, without application rewrites. With consolidated real-time file transfer information from mainframe, AS/400, SAP, and other internal systems, organisations can gain the visibility required for protecting data against accidental leakage and loss, while gaining critical insight into business processes.

2. Put some law and order into B2B connections

From the time information leaves back-end systems to the moment it travels the last mile to a trading community, a company needs visibility into every transfer, transaction, and communication in order to secure and optimise order-to-cash, procurement, invoicing, and other multi-enterprise business processes.

But if the enterprise is like most — a wide variety of MFT patterns and use cases handled through a combination of point-to-point processes, vanilla FTP sites, cobbled-together quick fixes, and expensive legacy mechanisms — that enterprise has created virtual file transfer anarchy. This worsens as the volume of data and the number of partners and processes grows, and standards continue to evolve. B2B enterprise MFT applications can bring order to chaos. They enable a CIO to create manageable, secure, and auditable two-way communications channels over the Internet and private IP networks — with any business partner.

Visibility and analytics tools provide real-time views, notifications, alerts, monitoring and collaborative resolution for business processes within the enterprise, along the supply chain, and throughout the trading partner community. Timely awareness of events or non-events at the file level and/or business level allows for more effective business management. Granular visibility lets users extract business content and run analytics and KPIs to improve performance. Strong audit trails help to demonstrate compliance with government regulations and protect against legal liability.

3. Open an express lane for ad hoc network file transfer — but keep it on your radar

As file attachments grow ever larger, email administrators respond by imposing attachment size limitations on senders, recipients, or both. The result? Well-intentioned users turn to more expensive and higher-risk means of file transfer, such as downloading files to CDs and thumb drives or sending them via unsecured FTP. That’s a problem.

Without a structured, transparent policy-management system for managing ad hoc large file transfer traffic, an organisation risks legal liability, regulatory violations and loss of priceless intellectual property. Data might as well be written on a postcard or published on the Internet for all to see.

Of course, people will continue to work the way they work, and that means using an email interface for ad hoc file transfer. A good MFT solution can eliminate the infrastructure, cost, and security concerns that surround sending large and confidential files via email. To do so, it combines support for very large file attachments with content-based policy management, encryption, authentication and tracking capabilities. By bringing traditional MFT principles to ad hoc file exchange, such a solution gives control and visibility within an existing IT architecture, without requiring end users to significantly change the way they work, download and master new software.

Enterprise-class security means the organisation knows who received a file and when they received it. The CIO can set policies that require message recipients, and anyone they forward the message to, to identify and authenticate themselves via a password or single sign-on before viewing the attachment — allowing data to be extended securely throughout the ecosystem. Complete document audit and tracking capabilities provide delivery confirmation for both the sender and the administrator.

4. Use business and technical dashboards to look both ways

When a file moves into, out of, or within an enterprise, you need to know about it. And when a file transfer fails, the organisation - rather than a customer or your partner- needs to be the first to know about that, too.

MFT solutions can provide technical and business dashboards that allow business and IT users to view and react to monitored data exchanges, using event-based processing across all major networks, mainframes, servers, desktops, and software applications. With global, end-to-end visibility into the data communications ecosystem, an organisation can detect and correct malfunctions in real time, before they become critical.

Complete, searchable audit trails simplify and lower the cost of compliance with industry and government regulations — such as HITECH/HIPAA, PCI, GLBA, and SOX — as well as with the organisation’s internal security and privacy policies.

5. Go the extra mile to serve and protect your trading community

Automating a business’ processes and creating an efficient and secure online trading community doesn’t have to be expensive, time consuming, resource intensive, or risky.

There are solutions that allow an organisation to establish secure last-mile connections that streamline how they manage and interact with their trading community. Automated endpoint provisioning and pre-configured functionality lets them give end users quick and easy access to a secure file-transfer infrastructure. From ad hoc interactive transfer using a Web browser to fully automated EDI and batch-transfer jobs on mainframe platforms, it doesn’t matter what systems they use or how technically adept they are. Event-based monitoring and alerts empower different groups within a community to see what is relevant to them at all times. Customers can track their own orders, suppliers can monitor fulfilment, IT can monitor exceptions and line-of-business managers can measure performance against SLAs. Armed with a wealth of real-time information, community members can work together to reconcile and resolve issues before they negatively impact business relationships. By tracking and analysing interactions and policy violations over time, both IT and business managers can adaptively streamline automated processes and direct human resources where they’re needed most.

About Axway

Axway contactaustralia@axway.com is the Business Interaction Networks company — the only provider in the market today to manage, run, secure, and monitor all business interactions, including email, files, messaging, services, events, and processes. Serving over 11,000 organisations in more than 100 countries, Axway facilitates the multi-enterprise transactions, processes and integration that accelerate business by eliminating the barriers between vendors, customers, departments, partners and suppliers.

Axway's comprehensive offerings include business-to-business integration, managed file transfer, secure email, business activity monitoring, enterprise application integration, service-oriented architecture, business process management, track & trace and identity validation solutions. Axway provides professional and managed services, as well as cloud computing and Software-as-a-Service (SaaS) offerings. Headquartered in Phoenix, Arizona, Axway's global presence spans 20 countries.

For media queries

Marketing Axway Australia Tel: +61. 02 9956 4555 Web: contactaustralia@axway.com

David Frost PR Deadlines, for Axway Tel: +61.2.4341 5021 Email: davidf@prdeadlines.com.au

Submit a media release
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Latest Jobs
Salary Calculator

Supplied by

View the full Peoplebank ICT Salary & Employment Index

Recent comments

Computerworld
ARN
Techworld
CMO