MOVEit. Secure Managed File Transfer. April 19, 2016

April 19, 2016

MOVEit

MOVEit

MOVEit

MOVEit

Secure Managed File Transfer Secure Managed File Transfer Secure Managed File Transfer Secure Managed File Transfer

Patient Records

Account Statements Insurance

Claims

Legal Documents Loan Information X-Rays Test Results Purchase Orders XML Data Files Large Video Files

Credit Card Payments Customer Information

Moving Files is Business Moving Files is Business Moving Files is Business

Different Industries Different Industries Different Industries

Different Industries Have Different File Transfer NeedsHave Different File Transfer NeedsHave Different File Transfer NeedsHave Different File Transfer Needs

Healthcare

Transfer Files: patient records and claims

information

To / From: billing department and

insurance companies, health plan providers and payer organizations

In Compliance with: HIPAA

Financial Services

Transfer Files: batch credit card transactions, lock-box

movement reports, ACH transactions, or check images

To / From: data centers, branch locations, merchants,

other banks, and payment processors: ACH/EFT/e-payment vendors

In Compliance with: PCI-DSS and privacy laws /

regulations

Government

Transfer Files: citizen health records,

employee information, records, and contracts

To / From: local, state and federal agencies

and departments, citizens, insurance companies, banks, and businesses

In Compliance with: privacy law/regulation

All Industries

Transfer Files: batch transaction data, large image

files, videos, or other structured and unstructured data

To / From: datacenters, remote locations, vendors,

customers, brokers, government agencies, banks, or cloud based services and storage

File Contain Sensitive Data File Contain Sensitive Data File Contain Sensitive Data File Contain Sensitive Data

• Sensitive data needs to be secured and managed – Personal Identification Information (PII) – Name, SSN,

payroll, tax records

– Financial data – Credit Card #s, Credit applications…

– Business data – Intellectual property, POs and invoices, financial records…

Regulatory Compliance Regulatory Compliance Regulatory Compliance Regulatory Compliance

• SOX, PCI, GDPR

– Security mandates for the protection of sensitive data assets – Defines how IT secure and manage files

• Subject to internal and external audits for proof of compliance

– Can be disruptive to IT operations – Failure to comply can be costly

Regulatory Compliance Regulatory Compliance Regulatory Compliance Regulatory Compliance SOX (Sarbanes-Oxley)

Ensuring the integrity of corporate financial data

Pur essendo una legge americana, molti siti italiani di multinazionali quotate in borsa negli USA, sono interessati dall'applicazione SOX.

Significant fines

Delayed release of financial results Loss of reputation

PCI DSS

(Payment Card Industry Data Security Standard)

Protecting credit card and PII information Significant bank fines, Increased transaction fees

Legal action and remediation costs Loss of reputation

GDPR

(European Union's) General Data Protection

Regulation

Obligation to protect personal data across the borderless enterprise • Protecting Personally Identifiable Information (PII)

Support for secure transfer protocols, end-to-end encryption, guaranteed delivery and non-repudiation, Automated file management policies

• Managing PII

Automated file exchange, policy based file access and data loss protection (DLP)

• Managing System Exposure

High availability and disaster recovery, Monitoring and reporting for auditing and forensics

Legal action and Penalties Remediation costs

How O How O How O

How Organizations Use File Transferrganizations Use File Transferrganizations Use File Transferrganizations Use File Transfer

• Move large files

For instance moving diagnostic images for healthcare applications

• Communicate between systems as part of a business process

For example a customer and vendor automatically sharing files, as part of their purchasing process.

• Collaboration between users/devices

Project Management, Customer Service/Technical Support, etc.

• Internal and external communications (borderless enterprise)

Files Move Files Move Files Move

Files Move Across Across Across Across the the the the ‘Borderless Enterprise’ between ‘Borderless Enterprise’ between ‘Borderless Enterprise’ between ‘Borderless Enterprise’ between Systems and People

Systems and PeopleSystems and People Systems and People

System-to-System

Insurance: insurance enables small businesses

to upload photos, claims via the web UI then automate directly to back-end systems

Retail: Retailer enables distributor and

manufacturer to upload product data & prices lists and automate upload to ecommerce systems.

System-to-Person

Person-to-System Financial: transaction records between

internal finance system on a mainframe and systems at corporate bank

Healthcare: patient record updates

between patient management system at a doctors practice and the hospital

Financial: Banking systems automatically

generate transaction statements and make them available for user download

Sales: Auto-generate management reports

and securely transfer them to execs, who access them via mobile devices

Person-to-Person

Sales: Securely transfer bids, proposals, and POs Healthcare: Hospital admin forwards patient

records to insurance company

Project Management, Customer Service/Technical Support, etc.

File Transfer Today File Transfer Today File Transfer Today File Transfer Today

Email Attachments _{Cloud File Share FTP Servers} Home Grown Scripts

• File size limitations

• Increased security concerns • Need for regulatory compliance

• Increased user expectations for ease-of-use

Challenges With File Transfer Challenges With File Transfer Challenges With File Transfer Challenges With File Transfer

Process too manual, requires too much setup
Homegrown tools and

scripts

Products from too many vendors

Partners dictate

methodology, no unified standard

No way to automate

Can’t scale to meet growing demand
Not responsive to

business needs
Little insight into files,

events, and people
Blind to issues when

they occur
Employees bypassing IT systems
No centralized file transfer system
Subject organization to added security risks
“Flying Blind”

Don’t know where files are at all times

No ability to prove files get delivered
All the accountability /

I already have a File Transfer System. I already have a File Transfer System. I already have a File Transfer System.

I already have a File Transfer System. Why Why Why change?Why change?change?change?

Improve Security

• End-to-end encryption • Integrate to IT security

infrastructure

• Push/pull files without any direct external access to trusted network • Data back-up with no data loss

Reduce Costs

• Monitor all file transfer activity and track performance in one place

• Automate report creation and distribution for cost effective SLA and regulatory compliance • Flexible scale to meet growing demand without

configuring new systems

Improve IT Responsiveness

• Quickly automate file-based tasks without programming required

• Empower end-users to on-board partners and get file status

• Assuming 10,000 files transferred per year organization-wide

• 4% – 5% of all transfers contain errors

Impact of Digital Do Impact of Digital Do Impact of Digital Do

Impact of Digital Do----ititit----yourself File Transferit yourself File Transferyourself File Transferyourself File Transfer

Cost of lost data is high. Cost of non-compliance

with regulations is high.

>$125,000 additional cost every year*

Cost of traditional FTP systems vs a managed file transfer solution: The cost to

maintain existing systems is high.

* Aberdeen report, 2013 • 4 – 5 hours per incident to troubleshoot/fix • $55 / hr cost for IT admin (salary and overhead)

MOVEit MOVEit MOVEit

MOVEit Elevator PitchElevator PitchElevator PitchElevator Pitch

MOVEit is an automated file transfer solution that lets you manage, view, secure and control all activity through a single system. You will always know where your files are with

predictable, secure delivery and extensive reporting. MOVEit enables IT to:

• Transfer business files reliably and securely

• Automate file-based tasks and business workflows • Gain visibility and control over file transfer activities • Security and regulatory compliance

Visibility: Automate report creation and distribution for SLA and regulatory compliance

Responsive: Automate file-based tasks without programming

Secure: Integrate with existing IT security infrastructure

Protect: End-to-end encryption & guaranteed delivery

Reduce IT cost: Monitor all file transfer activity and track performance in one place

24/7 operations: Zero downtime, no data loss for local failover or remote disaster recovery

MOVEit MOVEitMOVEit

MOVEit Managed File Transfer ComponentsManaged File Transfer ComponentsManaged File Transfer ComponentsManaged File Transfer Components

Easy and Reliable File-based Automation Secure Server

for Moving Files

Ad Hoc Transfer: Employees and partners can send sensitive files

Mobile: Productivity for your Mobile Workforce

Ipswitch Failover: Provides automated failover to servers at local and remote disaster

recovery site.

High Availability/Webfarm: Provides scalability for performance and high availability API: Provides programmatic access to core file transfer services.

A D D -O N M O D U LE S

Flexible Reporting and Monitoring for MOVEit MFT

MOVEit MOVEitMOVEit

MOVEit Managed File TransferManaged File TransferManaged File TransferManaged File Transfer

Partner integration: secure external access or automated push Partner integration: secure external access or automated pushPartner integration: secure external access or automated push Partner integration: secure external access or automated push

FTPS, SFTP, HTTPS, AS1/AS2/AS3 F T P S , S F T P , H T T P S H T T P S F T P S , S F T P , H T T P /S FTPS, SFTP, HTTPS, AS1/AS2/AS3 OPEN PGP, ZIP OR OTHER PROCESS

Why Our Customers Chose Why Our Customers Chose Why Our Customers Chose

Why Our Customers Chose MOVEitMOVEitMOVEitMOVEit

File Transfer

Security Visibility Automation

User Adoption Availability Scalability

MOVEit MOVEit MOVEit

MOVEit Secures File TransferSecures File TransferSecures File TransferSecures File Transfer

Sensitive Files

Guaranteed Delivery

• File integrity checking, SHA-1 (Secure

Hash Algorithm) to validate that a file has not been altered in any way.

• Non-repudiation

• Transfer retry/resume

Secure Software Development

• Intrusion detection

• Penetration testing

• OWASP Open Web Application Security

Project best practices

Content Scanning

• Data Loss Prevention (RSA, Symantec, McAfee).

Submits files to scan for data breaches and loss

• Anti-virus (Symantec, Sophos and McAfee)

Transferred files can be allowed, blocked or quarantined

Security in Transport and at Rest

• At rest - AES 256 encryption

• In transport - HTTPS, FTPS and SFTP via

SSH and TLS/SSL

• OpenPGP encryptions

• FIPS 140-2

Robust Log Files and Extensive Reporting Robust Log Files and Extensive Reporting Robust Log Files and Extensive Reporting Robust Log Files and Extensive Reporting

Event Notification & Tamper Evident DB Event Notification & Tamper Evident DB Event Notification & Tamper Evident DB Event Notification & Tamper Evident DB

P a rtn e r S y ste m s P A R T N E R B U S IN E S S S Y S T E M S IN_T E R N A L B U S IN E S S S Y S T E M S

Partner Network Internal Network

EXISTING INFRASTRUCTURE EXISTING INFRASTRUCTURE CUSTOM INPUT/OUTPUT OTHER INFRASTRUCTURE Secure FT Servers Secure FT Clients Email Web Portal Network Share Secure FT Servers Secure FT Clients

ETL Systems Database

DLP, AV, IdP, Directory Services, Job Scheduler V e n d o r E D I C u sto m e r S y ste m s B a n ki n g S y ste m s E R P H R C u st o m A p p s M a in fr a m e A p p s F in a n cia l R o b u st Lo g g in g Ta m p e r E v id e n t D B E ve n t N o tif ic a tio n E xt e n siv e R e p o rt in g

MOVEit MOVEit MOVEit

MOVEit Central Automates File TransferCentral Automates File TransferCentral Automates File TransferCentral Automates File Transfer

• Workflow Engine: simple user interface for automating file transfer tasks

• Custom file processing

for example unzipping a file before transferring it to a backend application

• No Scripting required • Built in scheduler

MOVEit MOVEit MOVEit

MOVEit Enables User AdoptionEnables User AdoptionEnables User AdoptionEnables User Adoption

• Desktop clients, including web browser and MS Outlook add-on

• MOVEit Ad Hoc - Simple person-to-person file transfer

• MOVEit Mobile - Access for IOS and Android phones and tablets

MOVEit MOVEit MOVEit

MOVEit Enables User AdoptionEnables User AdoptionEnables User AdoptionEnables User Adoption

• Extend IT visibility and control over file transfers

– User and group provisioning, access and permissions – Delegated administration

– Set user quotas (Number of files, storage space) – Expiration rules for files and folders on a server

• Policy management

– Authentication (LDAP, Active Directory, ODBC and Radius) – Password policies

Person to Person Ad Person to Person Ad Person to Person Ad

Person to Person Ad----Hoc for Hoc for Hoc for Hoc for MOVEitMOVEitMOVEitMOVEit

24

Read message and download attachment

Send email notification with link to message and

attachment Optional receipt

Upload message and attachment

Receive notification with link to message and attachment

MOVEit MOVEit MOVEit

MOVEit Delivers Availability and ScalabilityDelivers Availability and ScalabilityDelivers Availability and ScalabilityDelivers Availability and Scalability MOVEit High Availability

• Server Farms for increasing MOVEit

capacity and availability • Load Balancing across

multiple MOVEit nodes

MOVEit DMZ MOVEit DMZ MOVEit DMZ

M MM

MOVEitOVEitOVEitOVEit Is a Critical ApplicationIs a Critical ApplicationIs a Critical ApplicationIs a Critical Application

Enables Business Growth Mitigates Liability and Risk Reduces Cost

Enhancing operational efficiency and user productivity,

consolidating ad hoc, B2B and A2A FT systems into a single platform, simplifying FT for users and partners, management and support for IT.

Provides IT with greater visibility and control over the security of their sensitive files. Simplifies the implementation security

technologies and enforcement of security policies.

cuts IT time and effort, frees them to work on high priority projects, reduces licensing and support costs, delivers an attractive ROI and fast time-to-value

Email

Nice WEB UI, easy to use, no file size limitations, delegated Administration (privileges to group Admins, for example PMs)

WAN/External

DMZ LAN/Internal

ProjectX

Demo Demo Demo Demo

• MOVEit FT/DMZ

Branding, Create Users (LDAP, SSO), Protocol policies, IP Ranges

• Groups

Ease permission management for folder structure, Add users to group

• Folders

Permissions, folder access, group permission for folders File upload

• Ad-hoc • Logs

• Reports

192.168.40.30 FileZilla User bosshogg Folder “TransferredFiles” WS_FTP Pro 12.5.1 192.168.40.31 MOVEit 8.3

hMail – domain hazzard.com – POP Accounts

Thunderbird

192.168.40.32 Central 9

hMail – domain paolodomain.com - SMTP Accounts

Thunderbird

VMNet1 – Host only

MOVEit Folders: “HazzardFolder” “Mail attachments drop off”

Shared Folder: HazzardProject\MOVEit

Synchronize "HazzardFolder" MOVEit Folder -> Shared Network Folder "HazzardProject\moveit"

Take Email Attachment of [email protected] -> Tamper Check -> save them to MOVEit Folder "Mail attachment drop off" Take “TransferredFiles” from Filezilla Server -> Zip Them -> Send the zip as Email Attachment to [email protected]