FTP Best Practices

In my previous posts I've tried to identify why FTP - as used by many organizations today - is such a security issue.  The protocol is old, and the implementations of security normally used don't stand up in B2B transactions.

In this post I'm going to talk about the ideal FTP implementation for a small to medium-sized organization where FTP is used to communicate information between business partners.

 

Deploy a System-wide, Comprehensive, and Configurable Methodology for File Transfers

In the past IT had no system-wide approach to file exchange: FTP alone was considered to be enough to get the job done.

But today, as business-to-business transfers proliferate, it’s time for IT to deploy a strategy that meets the overall requirements of security, flexibility, and ease-of-use.

Here are some basic guidelines that can help IT devise this strategy.

Location, Location, Location

The best way to secure your FTP implementations is to centralize the control and management of those transfers. The practice of distributing file transfers off the main information system complicates management and opens security holes. How does centralizing FTP reduce the number of management issues?

Centralization:

  • Maintains the rigor of the native operating system’s security mechanisms.
  • Sustains the compliance requirements that have already been implemented on the host system. This includes authority controls and reporting prerequisites.
  • Provides a single point of maintenance for all FTP user profiles and passwords.
  • Contains standardized data encryption techniques and centralized key management. Instead of building encryption subsystems on individual user platforms, IT can engineer a comprehensive solution that provides better control and security.
  • Provides a centralized logging system of all file transfer activity for auditing purposes, along with descriptive error logs and message alerts when transfers fail.

Coordinate Access to FTP Functions

As we noted earlier, home-built or custom applications that nest FTP functions within application code are management time bombs: they obscure the configurations and activities of file transfers, and they can leave user IDs and passwords in the open.

If IT has applications such as these, those applications should access encryption and FTP functions through a centralized, controlled framework. This strategy will enable the central control of server and user credentials, organize configurations, and permit the implementation of other management capabilities such as compliance logging for auditing.
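A first step toward that centralization is finding the applications and scripts that still carry FTP credentials in their own code. The scanner below is an added example, not code from the original post; the rule set, file names, hosts, accounts and passwords are constructed for illustration, and the report masks each password so the audit output can be shared safely.

```python
import re

# Each rule: (kind, regex). Group "user" is the account, group "secret" the password.
RULES = [
    ("url", re.compile(r"ftps?://(?P<user>[^\s:/@'\"]+):(?P<secret>[^\s@'\"]+)@", re.I)),
    ("login-call", re.compile(
        r"\.login\(\s*['\"](?P<user>[^'\"]+)['\"]\s*,\s*['\"](?P<secret>[^'\"]+)['\"]")),
    ("ftp-script", re.compile(r"^\s*user\s+(?P<user>\S+)\s+(?P<secret>\S+)\s*$", re.I)),
    ("netrc", re.compile(
        r"\blogin\s+(?P<user>\S+)\s+password\s+(?P<secret>\S+)", re.I)),
]

def scan_text(name, text):
    """Return findings for one file; the secret is masked in the excerpt."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, rx in RULES:
            m = rx.search(line)
            if not m:
                continue
            s, e = m.span("secret")
            masked = line[:s] + "*" * 8 + line[e:]
            findings.append({"file": name, "line": lineno, "kind": kind,
                             "user": m.group("user"), "excerpt": masked.strip()})
            break  # one finding per line is enough
    return findings

def scan_files(files):
    """files: mapping of file name -> contents. Returns all findings, in order."""
    out = []
    for name, text in files.items():
        out.extend(scan_text(name, text))
    return out

# Constructed sample inputs (hypothetical hosts, accounts and passwords).
SAMPLES = {
    "nightly_export.py": "from ftplib import FTP\nftp = FTP('ftp.partner.example')\nftp.login('acme_ap', 'Winter2019!')\n",
    "push_orders.sh": "curl -T orders.csv ftp://orders:hunter2@ftp.partner.example/in/\n",
    "send.ftp": "open ftp.partner.example\nuser acme_edi Tr@nsfer1\nput invoices.dat\n",
    "central_client.py": "import os\nftp.login(os.environ['FTP_USER'], os.environ['FTP_PASS'])\n",
}

if __name__ == "__main__":
    for f in scan_files(SAMPLES):
        print(f"{f['file']}:{f['line']} [{f['kind']}] user={f['user']} {f['excerpt']}")
```

The last sample, which takes its credentials from the environment rather than from literals in the code, produces no finding.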

Deploy Encryption at the Data Source

Where files are exchanged across the Internet, data encryption is no longer optional.

Streamlining the encryption process at the source of data removes layers of complexity for the user, while simultaneously preventing inadvertent exposure on the network, regardless of the file transfer mechanism.

Invest in Ease-of-Use User Paradigms

Finally, don’t forget the end users and their needs for automation and an easy-to-use interface.

By centralizing FTP functions, IT can provide a standard of usability that automates file transfers in a secure and productive manner.

But if the user’s interface to the functions of FTP doesn’t meet the ease-of-use expectations, the success of centralizing FTP can be threatened. In the end, users may reassert their demands for PC-based, distributed solutions.

There are a number of common elements in the implementation of an ideal file transfer solution.
