By Jim Morris
Information exchange, by definition, involves endpoints (analogous to a transmitter and a receiver in a communication system) and at least one transfer medium (analogous to a communications channel). Because information is at risk while at rest on the endpoints and during transfer between endpoints, there is an increasing market need for what we refer to at GlobalSCAPE as “total path security.” Total path security protects information from its creation on an endpoint through delivery and retention on a receiving endpoint.
From our perspective, endpoint information security is a natural extension to managed file transfer (MFT). MFT provides the secure channel. Endpoint security measures protect the sending and receiving information systems, as well as the servers that participate in the information exchange. Without both MFT and endpoint security, a business can’t expect to maintain ‘acceptable’ levels of security. There’s little merit in going through all the trouble of securing the transfer if the information comes from an unsecured source or is going to land in an insecure place.
In today’s all-digital, around-the-clock world, the MFT market is evolving to include more solutions that enable ad hoc file transfers. This evolution, while expected and necessary, introduces additional risk compared to traditional MFT approaches. Traditional MFT solutions typically facilitate structured, business-to-business or business-to-person file transfers, allowing them to take place with central administration control and in better accordance with risk management principles.
Enabling MFT solutions to support ad hoc exchange of data within and outside of organizations provides end users with more freedom to transfer information at a place and time of their choosing. Delivering ad hoc file transfer capability within an MFT framework provides IT and the business with an effective way to monitor the movement of sensitive information and ensure it remains safe and compliant during its travels. This is an essential step in mitigating the risk introduced by ad hoc file sharing, especially considering the concentration of data and information in motion during MFT operations. However, MFT solutions alone increasingly will not suffice given the exponential growth in malware and other information security threats.
To meet risk management objectives in the current and projected threat environment, business leaders and IT professionals are also demanding total path security from their information security vendors. Whether or not organizations and individuals use this exact terminology, they do recognize that total path security helps to ensure satisfaction of corporate and government security standards while data is at rest and in motion.
The “at rest” aspects of the security market are receiving increasing attention in the MFT market because there are MANY more endpoints than channels creating the pathway (basic math will show this for any IT infrastructure). When you establish the MFT channel, each endpoint potentially threatens any other endpoint. MFT vendors must be able to work with customers to protect those endpoints as they bring and install the information exchange solutions. This allows companies to maintain sound security policy and compliance as well as help avoid the adverse consequences of a breach or data loss.
At GlobalSCAPE, we’re taking proactive measures to do our part in enabling the future of secure information exchange and providing total path security.
