7 Reasons Why MFT is Good for Data Security
Has there ever been a worse time for being impacted by a data breach?
The economic hangover caused by the COVID-19 pandemic is being felt by companies large and small. With ailing balance sheets across the FTSE, NASDAQ and globally, no one wants the hassle and humiliation of making front-page news from having sensitive data leaked online.
In May, statistics provided to the Guardian newspaper reported a 60% rise in attempted cyber-crime during the COVID-19 outbreak; statistics wholly backed up by reports from multiple organisations.
Managed File Transfer (MFT), a powerful data movement tool that helps to prevent data loss, is now being used by IT departments in many modern organisations due to the way it can make light work of connectivity, security and managing risk.
Today, we are looking at the management of this risk and, ultimately, the convenience and safety MFT software can offer you and your business.
1: MFT offers better security.
Put bluntly, MFT is simply better at security than whatever you’re trying to do without it. Here’s what’s on offer out of the box:
- Easy configuration and alteration of cipher suites
- In-built key management
- Advanced access controls
- Auditing and reporting of users and administrators
Four drastic benefits – and more available beyond that. To match these features with a do-it-yourself configuration would take major investment of time and effort, with no room for error. In reality? A DIY solution might ‘do the job’, but your data is likely to still be at risk.
2: FTP is risky.
Not as widespread as it once was back in 1976 – and for good reason! But despite this, FTP is still the easiest to set up and provide for free. Simply pumping the phrase “How to use FTP” into Google returns 163 million results. Some organisations still have a niche requirement for it, but they’re few and far between these days.
MFT platforms offer ease of configuration for more secure protocols in FTPS, SFTP and HTTPS, making migrating out of the dark ages that little bit easier.
3: MFT saves time and money.
What was once a good idea that saved a few Euro isn’t always going to be the case moving forward.
A common scenario we see is customers having regulatory requirements to use certain technologies in their transfers and security parameters. For example, a trading partner of yours may mandate all SFTP connections to use the Key Exchange Algorithm Diffie-hellman-group-exchange-sha512 to connect to their site, or 3des-ctr as the encryption cipher.
If you’re faced with a blinking cursor in a terminal and a slew of connections running on a box that needs to be updated, you’ll be banging your head against the wall.
MFT provides this information in visual reports and, perhaps even most importantly, lets you alter it at varying levels. That amount of visibility and control saves time and money. It’s that simple.
4: MFT meets compliance.
We all love legislation, don’t we? We just glow thinking about it! SOX is a family favourite, with PCI-DSS, GDPR and CCPA coming a close second.
Joking aside, you know the score: falling on the wrong side of any regulation is a compliance nightmare you hope you’ll never have to deal with. Mess up and you’ll risk serious damage to your company’s brand, be subjected to fines and you’ll lose customers and maybe even suppliers. Rebuilding can take years.
MFT software is built to comply with all key regulation, which is does easily. Can the same be achieved with vsftpd running on CentOs? Can you get authentication logs from SolarWinds on Windows? It’s just not practical – and it’s not worth the effort.
5: MFT gives you better control of files and data.
Let’s look at a common example for this one: You want to be able to provide an anonymous login account with read-only access. Doable via a homebrew setup? Certainly. Better with MFT? Absolutely.
MFT has all the permission controls and virtual folder creation abilities you need, with none of the hassle of working out how to apply them. We’ve all chmod’d incorrectly or CHRoot’d when we should’ve CHown’d. As for the Windows server permission structure, just who is a member of the EVERYONE Group anyway?
MFT removes the headaches. All you do is tick the box the permission applies to. No tick, no access. Simple.
6: MFT is more flexible and robust than other solutions.
MFT is a very flexible piece of software and that fact applies across licensing, configuration and deployment.
Scaling both horizontally and vertically is relatively fluid if load increases – something that, while possible with a DIY or cheaper transfer solution, involves a tedious and uncertain process where you’ll need to buy, deploy and understand gateways, load balancers and other expensive network devices and hardware.
Cloud friendly MFT tools can exploit exciting new cloud and virtualisation capabilities available to scale up to quickly meet demand. Even better, they can be failed over to a DR site in the event of an outage – and that’s almost impossible to achieve with freeware.
7: MFT provides comprehensive data auditing, tracking and reporting.
Auditing and reporting are still one of the top drivers towards an MFT purchase.
Requests are so last decade: You want visibility. You want to consolidate transfers to one visible location and need to know what accounts are going unused. Guess what? Two or three clicks later and, with MFT, you’ve got a custom report covering everything.
That flexibility is available on demand. Need to be notified of any file transfer? Easy.
Need an alert for when you miss a file that might breach an SLA or NDA? No problem.
And it’s reliable. There’s none of the risk associated with a cobbled-together homemade solution.