News: Federal File Transfer needs to be more secure
According to a report from MeriTalk, file transfer within the Federal government is simply not secure. There are some quite shocking details. For example, out of 200 Federal IT and information security professionals contacted in April 2010
- 71% are concerned with the current security of file transfers in the Federal government
- just 58% say employees are aware of secure file transfer policies
- 52% e-mail work files through personal e-mail accounts (e.g., Gmail, Yahoo, etc.)
- 66% use physical media (e.g., tapes, CDs, DVDs, USB drives, etc.)
- 60% use File Transfer Protocol (FTP)
The government is, of course, not unaware of the problem; and to tighten Federal file transfer security, the House of Representatives passed the Secure File Sharing Act on March 24, 2010, which will prevent government employees from using peer-to-peer file-sharing software (including FTP) either in the office or when accessing government networks remotely. It’s not enough, but it’s a start; but it is likely to lead to a massive compliance problem when so many staff are so accustomed to being careless over security.
Enter Axway. An updated version of its File Transfer Direct combines the ease of email with the vigorous security capabilities of Axway’s core managed file transfer (MFT) products. Administrators can establish predefined rules to prevent loss of sensitive information like confidential intellectual property, customer data, employee records and financial information. They can set governance policies requiring recipients to identify and authenticate themselves – via a user name and password or single sign-on – prior to downloading sensitive attachments.
Nearly everyone knows firsthand the frustrations involved with sending large files. The issue becomes more complex when you are dealing with highly confidential and sensitive data. End users need the tools to conduct their business interactions, while IT departments need to prevent data loss and protect the organization from risk. And once the data leaves the organization, you need control over how that information is disseminated to other individuals. The new version of File Transfer Direct addresses that concern with authentication that makes the data loss prevention (DLP) capabilities even stronger.
Dave Bennett, chief technology officer, Axway