Why Bother Upgrading Beyond Standard FTP?

Thursday, September 26, 2013 Posted by

Right out of the box, most operating systems come with a built-in File Transfer Protocol (FTP) tool that makes it possible to transfer large files between people, computers and servers.  It accomplishes the key goal, which is to deliver the file from one place to another.  However, too many organizations’ philosophy has been that as long as the files were getting where they needed to go, standard FTP was good enough. That was especially true when they were transferring files internally.

The truth is that FTP alone has never been good enough, because too much information (file data, user names, passwords, etc.) is vulnerable to hackers and it only takes fairly rudimentary hacking skills to steal it.  Now with increased pressure to protect sensitive data coming from regulators and consumers, it’s urgent that companies implement a more secure file transfer method.

Take a look at this short video to hear Bob Luebbe, Linoma Software’s Chief Architect, talk about the dangers of standard FTP.

 

At the end of this video, Bob mentions the value of clustering and load balancing to promote high active-active availability. Since this video was produced, we’ve also added these features to both GoAnywhere Services and GoAnywhere Director.

In fact, Bob just delivered a free webinar on the latest updates to GoAnywhere, and you can view a recorded version here.

Updates for GoAnywhere Include Clustering, Disk Quotas, and More

Wednesday, August 21, 2013 Posted by

In response to customer requests, especially from larger organizations, Linoma Software has released new enhancements such as clustering and disk quotas for GoAnywhere Director and GoAnywhere Services.  These updates to the GoAnywhere Managed File Transfer suite provide even more robust administrative control, and add automatic failover protection in the event of a server failure.

GoAnywhere Director 4.5.0 adds clustering

The new release of GoAnywhere Director 4.5.0 got a big boost when developers added clustering, a feature they added to GoAnywhere Services earlier this year.  Clustering, also know as “active-active” high availability, means that multiple installations of GoAnywhere Director can be in operation simultaneously, communicating with each other at all times.

GoAnywhere Director Clustering for High Availability

There are several advantages to clustering.  It provides assurance for users and trading partners that if something were to go wrong with one of the servers, the additional installations would automatically take over so availability would not be affected.  It also allows for load balancing, which is especially helpful for organizations with high volumes of file transfers.  Finally, it makes it easy for organizations to manage growth because they can easily incorporate additional servers to their managed file transfer environment.

GoAnywhere Services 3.3.0 adds disk quotas, bandwidth throttling

GoAnywhere Services 3.3.0 offers administrators even greater control over how users interact with their secure FTP servers.

One key enhancement is the addition of disk quotas, which allows admins to determine how much storage space to give to each trading partner and user to better manage storage device resources.

Bandwidth throttling, also new to GoAnywhere Services 3.3.0, lets administrators put limits on the amount of network resources a user can consume when transferring files.  With this feature, controls can be enforced on file uploads, downloads and even on which days or times of day are available to specific users.

With more than 50 updates in this round of enhancements, GoAnywhere continues to respond to the needs of its ever-growing consumer base.  GoAnywhere customers will be notified within their product screens that an update is available, and those who are not yet customers can contact us to get a free demo, or can download a fully-functional free trial.

For more information about the features included in the new releases, check out our news page.

 

Video: How to Encrypt Files with OpenPGP Studio

Wednesday, August 7, 2013 Posted by

Have you ever been asked to email a file that includes personal information like your prescription records, or your banking account information, or even your social security number?  Many people share that kind of information over the internet and simply hope that it doesn’t get hacked.

Download OpenPGP StudioLinoma Software, developer of the enterprise solution GoAnywhere™ Managed File Transfer Suite, has made it much easier to keep this kind of confidential data protected with its recently released desktop encryption tool called GoAnywhere OpenPGP Studio™.

This free PC tool is designed for people who occasionally need to share or store sensitive data.  OpenPGP Studio lets users encrypt, decrypt, sign and verify files from their PCs or workstations.  An integrated key manager allows anyone to quickly create, import, export and manage OpenPGP keys needed to encrypt and decrypt files. Best of all, it’s intuitive so even those who claim to be “non-technical” can confidently use OpenPGP Studio.

Here’s a video, also available on YouTube, that shows just how easy OpenPGP Studio is to use.

 

You can download OpenPGP Studio from the GoAnywhere website, and then let us know what you think!  If you need a more robust solution that includes automation, check out the GoAnywhere suite of products.

 

OpenPGP, PGP and GPG: What is the difference?

Thursday, July 18, 2013 Posted by

With privacy capabilities of encryption methods such as PGP (Pretty Good Privacy), data security can be heightened and privacy can be achieved.  There are various approaches, however, and various elements of comparison for each of these acronyms.  This article will explore the differences between PGP, OpenPGP, and GPG (GNU Privacy Guard), offering brief histories of their creations and summaries of their capabilities.

PGP (Pretty Good Privacy)

The company, PGP Inc., owned the rights to the original PGP encryption software.  This software was developed by Phil Zimmermann & Associates, LLC and released in 1991 to ensure the security of files that were posted on pre-internet bulletin boards.  From 1997 until 2010, the software changed hands several times until it was acquired by Symantec Corp., who continues to develop the PGP brand.

PGP encryption uses a combination of encryption methodologies such as hashing, data compression, symmetric-key cryptography and public key cryptography to keep data secure.  This process can be used to encrypt text files, emails, data files, directories and disk partitions.

OpenPGP

Automate OpenPGP EncryptionZimmerman, one of the original PGP developers, soon began work on an open-source version of PGP encryption that employed encryption algorithms that had no licensing issues.

In 1997 he submitted an open-source PGP (OpenPGP) standards proposal to the IETF (Internet Engineering Task Force), to allow PGP standards-compliant encryption vendors to provide solutions that were compatible with other OpenPGP-compliant software vendors.   This strategy created an open and competitive environment for PGP encryption tools to thrive.

Today,  OpenPGP is a standard of PGP that is open-source for public use, and the term can be used to describe any program that supports the OpenPGP system.

GPG (GNU Privacy Guard)

GnuPGP was developed by Werner Koch and released in 1999 as an alternative to what is now Symantec’s software suite of encryption tools.  It is available as a free software download, and is based on the OpenPGP standards established by the IETF so that it would be interoperable with Symantec’s PGP tools as well as OpenPGP standards. Therefore, GPG can open and unencrypt any PGP and OpenPGP standards file.

GPG provides a graphic user interface when integrating into email and program systems such as Linux.  Some software solutions for encryption utilize GPG coding, while others encrypt using command line functions in a menu-based Perl script.

A variety of popular solutions have developed their PGP encryption products following the OpenPGP standards.  Some of these products include GoAnywhere OpenPGP Studio and GoAnywhere Director.

Summary

OpenPGP is the IETF-approved standard that describes encryption technologies that use processes that are interoperable with PGP.  PGP is a proprietary encryption solution, and the rights to its software are owned by Symantec.  GPG is another popular solution that follows the OpenPGP standards to provide an interface for end users to easily encrypt their files.

As the need to encrypt and protect data becomes ever more critical, organizations will continue to develop software based on these three systems.

 

Could your FTP server pass a compliance audit?

Tuesday, July 9, 2013 Posted by

data security compliance auditIf an auditor showed up in your office tomorrow and wanted to examine your file transfer security policies and procedures, how confident are you that your organization would earn high marks?

Take this short quiz and find out.

  1. Are you still hosting an outdated SFTP or FTP server in the public area of your network (or DMZ)?
  2. Do trading partners have access to inbound ports within your internal network to drop off or retrieve files?
  3. Are your administrative security controls granular enough to manage user access to specific files, folders and areas of the network?
  4. Can you monitor all file transfer activity and maintain detailed audit logs?
  5. Do employees have easy access to an ad hoc file transfer tool that lets them transfer files of any size, all while generating audit trails?

To find out how auditors expect you answer these questions, don’t miss our next webinar:

Get Your FTP Server Into Compliance
Thursday, July 18 at Noon Central

Linoma Software’s Chief Architect Bob Luebbe will show you how the GoAnywhere Services secure FTP server can work with GoAnywhere Gateway to keep sensitive data and credentials safely in your internal network and out of the DMZ.  He’ll also demonstrate how the two work together to allow you to exchange files with trading partners without opening inbound ports.

Do your homework so you can prepare for a visit from the auditor.  Sign up today!