Managed File Transfer

(1)

Managed File Transfer

Achieve Swifter, Higher, Stronger Quality in your

File Transfer Solution

Abstract

File exchange is an integral part of daily business life but the numerous problems with current methods make it into a proverbial marathon. File transfer methods include File Transfer Protocol (FTP), physical transfers, and personal emails which lack security, compliance, and efficiency. Managed File Transfer (MFT) solutions are the answer to the question, “How do I send this?” There many great benefits to using MFT solutions and greater damage by using methods of the past.

(2)

Introduction

File transfers should not have to be an Olympic event but with the amount of hurdles one encounters it could easily be mistaken for one. Today, the use of old practices such as FTP (file transfer protocol) services, USB flash drives and DVDs, and personal email are causing corporations grief, and damages are being fully realized. How does the company transfer large or sensitive content while ensuring security, compliance, and performance? Managed File Transfer (MFT) solutions are the answer to the age old question “How do I send this?” The future of large and secure file exchange, MFT is fast, easy to use, secure and compliant - saving business time and money. In legacy file exchange scenarios, there are many hurdles to efficiency and compliancy where MFT solutions can provide a secure foundation to manage those hurdles.

The Hurdles of File Transfers

Large files are cumbersome, annoying, but often vital components in the success of an organization. Content that needs to be shared will be prioritized differently depending on the scenario such as speed and efficiency, confidentiality, and ease of use. However trying to maneuver the many barriers in place for easy collaboration and exchange of large or sensitive files is a complex process. Organizations are continually looking for new and improved processes in order to find efficiencies, reduce costs, and ensure compliance. Transferring a large or sensitive file should be a simple task, but with a lack of a standard, efficient, and risk-free exchange process, the business is experiencing many impacts:

Cumbersome process is slowing down production, which negatively impacts competitiveness and go-to-market ability.

The longer it takes to exchange information, the harder it gets to fix errors or handle changes.

Cumbersome information exchange processes slow innovation and foster bureaucratic culture.

Business users end up spending a disproportionate amount of time handling the logistics of transmitting information compared to its initial creation.

Physical or electronic file exchange systems are inherently not secured and lack traceability.

Organizations open themselves to theft of intellectual property, security breaches, and non-compliance with regulatory requirements.

(4)

Because most users find large file transfer difficult, user frustration forces them to find work-arounds, which creates risk. Whether it is emailing sensitive files, exchanging files using unprotected FTP services, finding free Internet-based file sharing sites, or putting files in physical media and shipping it to the destination using courier, all of these methods are proving themselves to be no longer viable for the secure and efficient movement of corporate content.

The first hurdle: email size limitations

A common challenge encountered by many knowledge workers when trying to

collaborate on large files is email attachment size limitations. As organizations produce more and larger content, it gets increasingly more difficult to manage and move them. Why are big files an issue? Large files are not typically supported in a user’s standard desktop email solutions, such as Microsoft Outlook. 5MB or 10MB limitations are

common restrictions forcing users to find other avenues, such as personal email systems, which creates risk and do not provide a detailed audit trail. In an article published in Engineers and Technology magazine by James Hayes some disturbing trends were recognized: “60 per cent of individuals said they use personal email to send sensitive files because their company systems hinder productivity, creating a compliance and security risk”.

With a lack of security, as well as violations to internal and external compliance policies, these alternative methods result in more exposure and non-compliance

The second hurdle: the IT interruption that is FTP

FTP is one of the most commonly used solutions to support the needs of the business for large file transfer. However, FTP has become a topic of concern. With more strict

compliance and security policies, FTP can no longer fully support the business. Over the past couple years, there has been a number of highly publicized security breaches involving exposure of confidential information. However, FTP breaches are nothing new. In July of 2007, the Pentagon contractor SAIC announced that it had potentially breached sensitive information including names, addresses, birth dates, Social Security numbers and health information of 580,000 US military personnel and their relatives. A file containing unencrypted sensitive information was transmitted via FTP using an unsecured connection, exposing the data to interception during the transmission. After government auditors discovered this potential breach, SAIC, due to strict breach notification laws in many states in the US, had no option but to publicize their potentially disastrous miscue.

This announcement was just one of hundreds of such breach announcements in 2007, affecting over 160 million consumers worldwide, more than three times the number of consumers impacted by breaches in 2006. The average security breach can cost a

(5)

company between $90 and $305 per lost record, according to a new study from Forrester Research. "After calculating the expenses of legal fees, call centers, lost employee productivity, regulatory fines, stock plummets, and customer losses, it can be dizzying, if not impossible, to come up with a true number," writes Forrester Senior Analyst Khalid Kark. "Although studies may not be able to determine the exact cost of a security breach in your organization, the loss of sensitive data can have a crippling impact on an

organization's bottom line, especially if it is ill-equipped, and it's important to be able to make an educated estimate of its cost."

Standard FTP solutions transfer information in “clear text”. This means anyone can intercept a transfer and gain access to user credentials and the content being transferred. Whether it’s a simple notice to employees about a benefit change or more importantly a highly sensitive contract about a pending acquisition, FTP cannot be counted on to ensure the security of confidential information.

In a market study by OpenText in 2011, about the frequency of FTP Usage within any given corporation, data revealed similar distressing trends with regards to the use of FTP as a file transfer solution. The results revealed in the consolidated responses of business users across all disciplines and positions that 71% use FTP at least monthly in their business

processes. Of the group that implement FTP in order to carry out their file transfer needs regularly, 24% of that group used FTP daily.

Another issue with FTP solutions is productivity. IT departments are often responsible for hosting and managing the FTP servers. As a support department for employees, IT intervention is often required every time there is a request for large file transfers, adding to their work load. The problem beyond the initial interruption to their day is that they have to manage FTP accounts, monitor assets that are made available through the FTP services, remove such sensitive assets in a timely manner, ultimately distracting and impeding their productivity.

The third hurdle: risky physical file transfer

In December of 2009, private health information of 83,000 people was lost on a USB flash drive in North Carolina. This kind of file transfer, which uses physical media, is common, slow, and is resulting in serious risk and cost to corporations. With the average cost of researching a lost record of data being as high as $305 USD, the legal efforts and cost of

(6)

this kind of exposure is very large. Organizations can no longer rely on physical shipment of sensitive information to protect their customers’ private data. Lost DVDs, hard drives, and USB flash drives have opened organizations up to serious risk, lose of brand reputation, increased costs, and non-compliance with regulatory rules. There have been many incidents reported of the consequences of physical file shipment including:

March 2010: USB flash drive with 8,000 patient records lost in the mail by Lampeter Medical Practice

May 2010: 2 unencrypted DVDs with 5,200 employee records lost in transit between City of Charlotte and health benefits consultant

February 2011: Cancer Care Ontario reported that health records, including names, birthdates, gender, health card numbers, and cancer screening test data for almost 6,500 patients were lost in the mail

Driving Change in the File Transfer Game

Olympians perpetually push the boundaries of human success and are always looking for new innovations in equipment and techniques. This innovation changes the game. As the business and compliance landscape changes, so too must the processes and solutions that support the business. The file exchange market is changing based on several drivers.

Heightened awareness of RISK

There is a heightened awareness of the risk concerning the security of information and insecure nature of traditional methods for transferring content. Although still being widely used, traditional transfer methods, such as FTP lack the level of security, auditability, and governance that a growing number of enterprises are seeking. This very reason prompts many enterprises to seek replacement for their aging FTP services.

Demand visibility and manageability

FTP turned 40 years old this year. Today, FTP serves as the foundations for the majority of data transfer and application integration technologies that we all rely on so heavily. However, it does not provide any encryption or guaranteed delivery. In addition, tactically deployed FTP servers are scattered throughout the organization, and often times IT staff are not aware of the extent of the deployment of all the FTP services, much less having the ability to manage them.

(7)

Increased emphasis on policy

The next issue driving change in how we transfer content is an increased emphasis on policies. New reporting requirements related to policies such as HIPAA and PCI DSS have gradually percolated through public firms, leading to increased awareness of

potential exposures related to unauthorized information disclosures. Compliance rules are getting tighter and penalties for due to non-compliance is steep. With this increased emphasis on data protection, organizations need to keep re-examining the security methods they have put in place in all areas of the organization. How is something as simple as an employee attaching a private report on consumer purchases in an email being tracked, managed and secured?

High-visibility information leaks

Over the past couple of years, there have been a number of highly publicized security breaches involving exposure of confidential information. These breaches of security have created a heightened awareness of information leaks, making IT departments examine every aspect of how they protect the transmission of intellectual property and their customer’s private information.

Increased scrutiny by external auditors

As a result of the high visibility of information leaks, auditing firms have also become more aware of the risks associated with uncontrolled file movements, and this is now a key area that they now focus on when performing their reviews. This is putting even more pressure on IT organizations to minimize information exchange exposures.

Information is getting B-I-G

The next big factor that is driving change in how content is transferred is the pure explosion in the production of large digital content. According to IDC in their latest version of Digital Universe (IDC Digital Universe May 2010) data created on an annual base will increase from 1.2 ZB (Zettabytes) in 2011 to 35ZB in 2020 with 84% of the data created in 2020 being unstructured (file/object). Not only is the amount of content being generated skyrocketing, but the average size of that data is getting bigger. It requires knowledge workers to spend too much time to exchange these super-sized digital contents.

Globalized economy

Do any of your employees or customers complain about the painful amount of time it takes to transfer a large file from one office to another? Organizations are now operating on a 24X7 office clock where information needs to be shared, collaborated on, and updated at a rapid pace.

(8)

Achieving Swifter, Higher, and Stronger Quality with

OpenText Managed File Transfer

The employees are the Olympians of their departments, pushing boundaries and constantly reaching greater heights. Similar to an athlete, they require the most cutting edge technology, and Managed File Transfer (MFT) solutions provide the necessary speed, security, and compliance to allow these professionals to soar. The benefits to businesses are an increase in productivity, fewer points of resistance and greater security and peace of mind. MFT solutions are:

 Fast  Auditable

 Reliable  Simple

 Secure  Compliant

OpenText Managed File Transfer

OpenText Managed File Transfer is the answer to the old question “How do I send this?” It is an enterprise solution designed to go the distance for managing the exchange of large files inside and outside your organization. Integrated with easy to use tools such as Microsoft Outlook and the Internet - the management, security, and audit of large file delivery becomes seamless to business users and improves an organization’s productivity, security, and business agility.

OpenText Managed File Transfer Wins the Race:

Transfer files up to 100x times faster than traditional methods Ensure policy driven and transparent file delivery

Reduce the risk of sharing unsecured content between users

Boost team collaboration through fast and secure content sharing around the globe Automate hours and days of inefficiency sending files on hard drives, FedEx, and complicated FTP

Seamlessly integrate into user’s everyday work experience and tools such as Microsoft Outlook

(9)

Empower users to exchange large and small files inside and outside their organization without IT intervention

Centrally manage the movement of critical content with complete traceability and protection of file transfer operations

(10)

About OpenText

OpenText is the world’s largest independent provider of Enterprise Content Management (ECM) software. The Company's solutions manage information for all types of business, compliance and industry requirements in the world's largest companies, government agencies and professional service firms. OpenText supports approximately 46,000 customers and millions of users in 114 countries and 12 languages. For more information about OpenText, visit www.opentext.com.

Sales [email protected] +1 905 762 6400 | 1 877 359 4866 Support [email protected] +1 905 762 6400 | 1 800 486 0095

Managed File Transfer