Recent posts on this blog have outlined reasons to consider installing a file transfer system that will help streamline productivity and secure the transfer of sensitive documents. We understand that selecting a product can be time consuming. To help you make the most educated decision here are a few more helpful suggestions to consider when selecting a managed file transfer solution.

• Easy to learn and easy to use – The managed file transfer (MFT) system you choose should have an intuitive interface that can be learned quickly. No programming skills should be required. If it isn’t easy to use, end-users and non-IT personnel will shy away from using it.
• Audit trails – The secure file transfer solution should produce comprehensive audit trails of all file transfer activity and support SYSLOG feeds to a central logging server.
• Produces alerts – An automated file transfer solution should be able to send you email alerts or texts instantly when problems occur.
• Password security – The managed file service you choose should not show password values on any screens or logs. Encrypts all passwords that are stored.
• Remote access – The file transfer product allows for remote administration and monitoring of file transfers, preferably through the browser.
• Web site transfers – The file transfer solution needs the ability to support HTTP and HTTPS protocols for transferring data.

A managed file transfer solution can not only save your department time, but it can also save you money. A comprehensive solution will enable you to complete menial tasks and allow your department to concentrate on the larger picture.

Did I mention we have a managed file transfer product…GoAnywhere? GoAnywhere allows organizations to secure and automate the exchange of data with their trading partners, customers, employees and internal systems. Still not sure what you are looking for? We offer a free product trial and we would be happy to schedule a demo to go over how GoAnywhere can help your company.

Related Blog Post: Top 10 Managed File Transfer Considerations

Bob Luebbe

Bob Luebbe has worked in the IT field since 1985. During his career, he has worked in a wide variety of roles including software development, project management, consulting and architecting large-scale applications. Bob has been with Linoma Software since 1994 and is currently serving its Chief Architect. His main focus for the last several years has been developing technologies to help organizations to automate and secure their file transfers, as well as to protect data at rest through encryption and key management.

More Posts - Website

Before looking for a managed file transfer solution, it is important to determine how data is currently being transferred from your organization. You should find out what users and applications are performing the data transfers, where the source of the data resides, how sensitive the data is, how the data is formatted for the partners and what protocols are used to transmit the information. If the files are encrypted or compressed before transmission, find out what tools and standards are being utilized.

After you’ve done your in-house analysis, then start a search for a secure file transfer solution that best fits your needs. Listed below are the Top 10 managed file transfer considerations.

1. Platform Openness – To reduce the points of connection to sensitive data and reduce the risk of exposure to those without a need-to-know the MFT solution should be installed on the server operating system where the sensitive data and applications reside. If your corporate data mostly resides on the IBM i, then it would make sense to get a MFT solution that runs on the IBM i.

2. Authorization Controls – To meet many compliance regulations, the MFT solution must provide role based access to limit user access to certain servers or MFT functions based on user credentials.

3. Secure FTP – Plain FTP is not secure. The MFT solution must support both SFTP (FTP over SSH) and FTPS (FTP over SSL) protocols for secure FTP transfers.

4. Encryption Standards – At minimum, the solution should support the industry standard encryption standards: AES, Open PGP, AS2, SSH, SSL, TLS and S/MIME.

5. Database Integration – The MFT should readily connect to DB2, SQL Server, Oracle, MySQL and other popular database servers for extracting and inserting data.

6. Data Transformation – Is the ability to translate data between popular data formats including XML, CSV, Excel and fixed-width text formats.

7. Data Compression – Compresses and packages data using popular standards such as ZIP, GZIP and TAR to reduce transmission times.

8. Application Integration – The MFT should provide commands and APIs for interfacing with your applications.

9. Scheduling – Allows transfers and other MFT functions to be scheduled for future dates and times.

10. Key Management – Does the MFT include management tools for creating, importing and exporting keys and certificates?

Related Blog Post: What Qualifies a Product as a Managed File Transfer Solution?

Bob Luebbe

Bob Luebbe has worked in the IT field since 1985. During his career, he has worked in a wide variety of roles including software development, project management, consulting and architecting large-scale applications. Bob has been with Linoma Software since 1994 and is currently serving its Chief Architect. His main focus for the last several years has been developing technologies to help organizations to automate and secure their file transfers, as well as to protect data at rest through encryption and key management.

More Posts - Website

As more and more companies are seeking a MFT to meet their data transfer needs, the question still arises, what exactly is a Managed File Transfer (MFT)? At a minimum, a Managed File Transfer solution is a product that encompasses all aspects of inbound and outbound file transfers that uses industry proven standards with a central, single point of administration. With a wide variety of products claiming to be a Managed File Transfer solution there are some things you may want to ask yourself (and your vendor).

• Does the solution use industry standards protocols for secure data transfers?
• Is the solution centrally administered or are there pc components required for administration?
• Can I be notified in real time of certain events (e.g. errors) if they occur?
• How will this solution affect my customers, vendors and trading partners?
• Can audit reports be generated?
• What type of security controls does the product have in place to allow separation of duties?
• Are there additional modules or add-ons that might need to be purchased?
• If our needs grow beyond our current platform, how does this solution grow with us?

As you research a vendor to handle your Managed File Transfer needs, make sure you choose a vendor that is able to not only meet your current needs, but the needs of the future. Feel free to contact us to discuss your current and future needs as well as answers to the above questions and more.

Bob Luebbe

Bob Luebbe has worked in the IT field since 1985. During his career, he has worked in a wide variety of roles including software development, project management, consulting and architecting large-scale applications. Bob has been with Linoma Software since 1994 and is currently serving its Chief Architect. His main focus for the last several years has been developing technologies to help organizations to automate and secure their file transfers, as well as to protect data at rest through encryption and key management.

More Posts - Website

Field Encryption on the IBM i just got easier.

SQL Field Procedures are a new DB2 feature in version 7.1 that allows a user-specified “exit” program to be called whenever data is read from, inserted into, or updated in a field (column).   This is somewhat similar to database column triggers; however there are two distinct advantages:

1. Field Procedures allow data to be modified on a Read operation, which allows the exit program to automatically decrypt the field value before it is returned to the customer’s application.
2. Field Procedures provide a separate internal space to store the encrypted version of the field value.  This allows organizations to encrypt numeric fields such as packed decimal, signed decimal and integer data types without having to store the encrypted values in a separate file.

While IBM provided the hooks into the database with Field Procedures, they rely on 3^rd party vendors like us to provide the encryption functions and key management. Linoma worked closely with IBM to test the new Field Procedures and provide feedback to their development team during the early release beta program for 7.1.  This also allowed Linoma sufficient time to fully integrate Field Procedures into Crypto Complete for readiness when i 7.1 ships.

We’re excited about Field Procedures since it will allow customers to implement column-level encryption on the IBM i without modifying their applications.  This is especially important if a customer is running a canned application and/or does not want to modify their source code.

Bob Luebbe

Bob Luebbe has worked in the IT field since 1985. During his career, he has worked in a wide variety of roles including software development, project management, consulting and architecting large-scale applications. Bob has been with Linoma Software since 1994 and is currently serving its Chief Architect. His main focus for the last several years has been developing technologies to help organizations to automate and secure their file transfers, as well as to protect data at rest through encryption and key management.

More Posts - Website

Personal data privacy is one of the greatest concerns individuals have when doing business over the web and in person.  It seems it is commonplace for a company to notify their customers that their personal and/or account information has been compromised by a hacker or a disgruntled employee (e.g. TJ Maxx, Wells Fargo, Bank of America).  While you’d think businesses would do everything they can to protect their customers’ personal information, they will weigh the risks and likelihood of a data breach happening versus the cost and time to implement such security measures.  Knowing this, the payment card industry (PCI), government agencies and many states have put together a list of requirements that businesses must follow in order to do business with them or in their state.  The problem is they often don’t enforce these regulations and fines are only imposed after a data breach happens.

I just returned from Framingham, Massachusetts where we exhibited at the Northeast User Group conference.  Massachusetts has a very strict data privacy law.  Not only do businesses in Massachusetts need to protect their customers’ personal information but so do businesses who have in their database the personal identifiable information of people from Massachusetts.  One of the requirements says organizations must:

“Encrypt all transmitted records and files containing personal information that will travel across public networks.”

Several of our customers mentioned our products have helped them meet the Massachusetts’ data privacy requirements.  They have implemented field encryption using Crypto Complete and are using our GoAnywhere Director to encrypt file transfers.  They have minimized the risk of a data breach happening at their company by using both solutions.  Unfortunately, I also had many other individuals stop by Linoma’s Booth who said their management does not want to allocate any resources (time or money) towards securing personal and confidential data.  They know they should do it and are required to do so, but it’s just not high on their priority list right now.  I’m afraid this mindset may be more popular than we think, which is concerning.

Is the company you work for securing personal data?  Is your company looking for a solution to secure data?  Find out today how we can help your company avoid sending the inevitable letter that your confidential information has been breached. Not only can we help you avoid facing public humiliation, our products can help save you time and money by streamlining the secure data transfer process.

If you are interested in seeing how Linoma’s solutions can encrypt your data at rest and when it’s transferred, don’t hesitate to contact us at 800-949-4696.

Brian Pick

Sales Manager

Bob Luebbe

Bob Luebbe has worked in the IT field since 1985. During his career, he has worked in a wide variety of roles including software development, project management, consulting and architecting large-scale applications. Bob has been with Linoma Software since 1994 and is currently serving its Chief Architect. His main focus for the last several years has been developing technologies to help organizations to automate and secure their file transfers, as well as to protect data at rest through encryption and key management.

More Posts - Website