Ipswitch Blog

The Business Case for Managed File Transfer – Part I

| February 3, 2014 | Events, Managed File Transfer
derek-brink--security-file-transferIn a webinar I participated in recently with Ipswitch File Transfer I shared the following from an analysis and comparison of companies that use managed file transfer (MFT) solutions, and companies that don’t:
Performance Metrics
(last 12 month avg.)



MFT Advantage

Errors / exceptions / problems,
as a percentage of the
total annual volume of transfers




Time to correct an identified
error / exception / problem


387 minutes


The comparison is easy enough to understand: MFT users experienced 26% fewer errors, exceptions, and problems as a percentage of the total annual volume of transfers, and they were 4.8-times faster to get going again when an error, exception, or problem did occur.

This is nice information to have for marketing purposes, but what does it really mean for the business?

A couple of quick, back-of-the-envelope calculations based on these findings shed some interesting light on this question:

  • Let’s base our analysis on an annual volume of 1,000 file transfers. This makes it easy for you to personalize for your own particular environment – for example, if your annual volume is 10,000 transfers, you can simply multiple these results by 10.
  • Let’s assume that the average percentage of errors, exceptions, and problems is as shown above
  • Likewise, let’s assume that the average time to correct errors, exceptions, and problems is as shown above
  • A simple computation leads us to the following:
    • 1,000 transfers * 3.3% * 81 minutes = 2,711 minutes lost per year for MFT users
    • 1,000 transfers * 4.5% * 387 minutes = 17,331 minutes lost per year for MFT non-users

Now, let’s think about the cost of that lost time. In a person-to-person scenario, there are at least two people affected – and arguably three:

• The sender of the file loses at least some of their productivity
• The receiver of the file loses at least some of their productivity
• In addition, the issue may require the involvement of an additional person to help respond, remediate, and recover – and this responder loses all of their productivity

For the sake of this back-of-the-envelope calculation, let’s further assume:

  • The fully-loaded cost per person is $50 per hour
  • Both sender and receiver lose one-third of their respective productivity for the time the issue remains uncorrected (e.g., they can still do other work)
  • The responder, however, loses 100% of their productivity for the time the issue remains uncorrected
  • A simple calculation leads us to the following:
    • 2,711 minutes * 1 hour / 60 minutes * $50 / hour * (1/3 + 1/3 + 1) = $3,750 lost per year for MFT users
    • 17,331 minutes * 1 hour / 60 minutes * $50 / hour * (1/3 + 1/3 + 1) = $23,975 lost per year for MFT non-users

This is a 6.4-times advantage for MFT users, for the cost of lost productivity alone!

If this wasn’t already a sufficient business case for a MFT solution, we could also estimate additional costs related to errors, exceptions, and problems with file transfers, such as:

  • Opportunity costs
    • Loss of current revenue
    • Loss of future revenue
    • Inability to carry out the organization’s mission
  • Costs associated with the loss or exposure of sensitive data
  • Costs associated with non-compliance

I won’t attempt to quantify these costs here, but it seems clear enough that if we did then the gap between MFT users and MFT non-users would grow even wider – e.g., Aberdeen’s research confirmed that compared to MFT non-users, MFT users had fewer security incidents (e.g., data loss or exposure), fewer non-compliance incidents (e.g., audit deficiencies), fewer errors and exceptions, and fewer calls and complaints. As if we needed any more convincing.

Remember, these calculations were done on a volume of 1,000 file transfers per year – you can easily scale these up to reflect your own environment. It’s pretty easy to see that it doesn’t take very much volume to justify the cost of implementing and supporting an MFT solution. (In fact you might even save in operational costs, from the benefits of having a more uniform and efficient file transfer “platform”.)

Another thing we might want to do with Aberdeen’s research findings is to show how MFT users have actually reduced their risk compared to that of MFT non-users – using the proper definition of risk, which has to do with the probability of an error, exception, or problem and the magnitude of the corresponding business impact. The results of that more sophisticated analysis would not be a single, static number (such as the ones we derived above), but a more realistic range of values that would support making business decisions about file transfer based on the organization’s appetite for risk.

In my next post I will dig deeper into the business case for MFT by using a proven, widely-used approach to risk modeling called Monte Carlo simulation.

You also may be interested in the Aberdeen White Paper with this underlying research “From Chaos to Control: Creating a Mature File Transfer Process,” as well as these audio highlights from a recent webinar on this same topic of quantifying the benefits of Managed File Transfer.

How IT Pros Can Save 30 Minutes a Day

How IT Pros Can Save 30 Minutes a Day

Implementing Compliance for Data Privacy in Regulated Industries

Free Webinar: Implementing Compliance for Data Privacy in Regulated Industries
[ do default stuff if no widgets ]

Leave a Reply

Your email address will not be published. Required fields are marked *

Derek Brink

This post was written by Derek Brink

Derek Brink helps organizations to improve their security and compliance initiatives by researching, writing about and speaking about the people, processes and technologies that correspond most strongly with leading performance. In addition, he helps individuals to improve their critical thinking, leadership skills and communication skills by teaching graduate courses in information security at Brandeis University. Derek Brink joined Aberdeen in 2007 with more than 20 years of experience in high-tech strategy development and execution, corporate / business development, product management and product marketing, including positions at RSA Security, IBM, Sun Microsystems, and Hewlett-Packard. Derek earned an MBA with honors from the Harvard Business School and a BS in Applied Mathematics with highest honors from the Rochester Institute of Technology.