Looking back at 2011, we saw more and more employees using consumer-grade (and often personally owned) file sharing technologies such as USB drives, smartphones, personal email accounts, and file sharing websites to move sensitive company information.  We’ve learned that employees will “do what they need to do” to be productive and get their job done… And if IT doesn’t provide them with the right tools, they will find their own.

2011 was also a record-breaking year for data breaches.  Coincidence?   Perhaps.  But there is no denying the fact that the increased use of non-sanctioned technology in the workplace has created a security loophole in many organizations.  It will become increasingly important for organizations to mitigate this risk to avoid a failed security or compliance audit or worse, a data breach.

Ipswitch can help your organization meet the security, usability and visibility requirements for file sharing.  For example, our Ad hoc Transfer module for MOVEit DMZ enables organization to enforce consistent policies and processes around person‐to‐person file transfers ‐ email encryption, attachment offloading, secure messaging, eDiscovery, and more.  It not only gives companies unparalleled governance, but it also allows end users to send information, with anyone, in a fast, easy, secure, visible, and well managed way.

We will be talking a lot more about the topic of people person-to-person file sharing in 2012, so stay tuned….

Email is the world’s collaborative tool and is the electronic ‘sending’ system of choice between people, both within and across organizations.

While the capabilities of transferring files via email hasn’t improved much in the past 10 years, the size and sensitivity of files has multiplied ten-fold.

Email usage is ungoverned at most organizations, meaning that employees can attach any file they have access to and send it to anyone in the world.  For CIOs, it’s about more than just security – it’s also about visibility.  If you can’t see the files flowing within and from your organization, you can’t protect them.

And how about employees, who are bound and determined to quickly transfer needed information (which may be confidential) with customers, co-workers and partners?  For the majority of workers, not sending that file for security’s and visibility’s sake is not an option.  Employees will choose ‘productivity’ over ‘security’ if they are given the choice.

Please do take some time to identify and evaluate the tools your employees use to share information with other people and ask yourself if it’s being done in a visible, secure and well managed way.  You’ll likely want to rethink how people are really sharing information at your organization.

Tax season is behind us (at least for most of us) and we can all give a sigh of relief… but can we? This year, getting my taxes organized and handing them to my accountant seemed to be more difficult than usual. Fortunately for me, the Federal Government gave certain areas that were dealing with flooding a small extension that allowed me to find the time to pass my taxes into my accountant.

Once that task was completed, I was able to relax except for the fact I now had one day to get back into the accountant’s office and sign the documents for them to send to the IRS.

read more “Do People Realize What They Are Sending and the Risks Associated?”

Using free online storage and collaboration systems dramatically increases a company’s risk of a data breach.  Many of these tools automatically synchronize desktop folders with folders in the cloud.  Compromised credentials can give hackers easy access to all of a company’s sensitive information.

Companies need to monitor traffic over known P2P ports and over commonly used ones, like 80 and 21.  It’s not just data loss prevention, it’s ensuring that policies that address “what data can be sent to whom” are enforced – regardless of port and security mechanisms.

Most of today’s threats with P2P file sharing come from applications that work in conjunction with cloud services, leaving room for hackers to create desktop onramps for their own use.”

 In a recent case, the FTC found the breach.  The truth is – the companies breached should have found it first.

Many enterprise collaboration tools have browser-based portals set to automatically download documents from specific locations.  Simply changing the default settings away from “My Documents” can prevent employees from unknowingly downloading and installing applications that could increase a company’s risk of a breach.

Multi-enterprise collaborative implementations and deployments can be extremely difficult to benefit from because all too often the companies deploying these solutions overly emphasize the security mechanisms and protocol support. While those aspects are important, the ecosystems around companies are expanding to include smaller partners and Prosumers that need to be managed, provisioned, and have their expectations met. In short, companies will need to spend the time and effort on better managing all aspects of the interactions in their ecosystem.

The agreement between Cleo Communications and Stonebranch is a good step in this direction, but we continue to advise our customers, prospects, and the overall market to strongly consider the visibility, management, and enforcement aspects of any type of integration and collaboration. Much of this partnership seems to be based on technology around providing multiple protocol and security support. I will never underestimate or undervalue the importance of protocols and security mechanisms, but I will always focus on the larger aspects of governance: visibility, management, and consistent enforcement of policies related to security and performance. These are the things that matter. This agreement furthers my strong and publicly stated beliefs that companies are consolidating their approaches to integration and collaboration.

Simply put, there continues to be a high degree of volatility (this impacts the entire marketplace in a positive way) in the managed file transfer market.

My best friend and mentor Daryl Plummer used to say to me all the time, “Words matter.”. He used to say it because we’d get into these heated discussions that would dissolve into the phrase “It’s just semantics…” Well, it isn’t! Semantics do matter! Today I will address an annoyance I have with how the market uses the term ad hoc. Let’s start with some basic definitions with respect to this market.

  • Interactions are the combination of all the facets of file/data/information movement and related information (Metadata) about the file transfer including sender, receiver and intermediary. At this point I must acknowledge my colleague and friend of 9 years David Bennett, CTO of Axway, for his use of “interactions” with respect to MFT. My use of the word is consistent with his, strengthening the term in the MFT marketplace.

read more “Words Matter: Stop Using “Ad-Hoc” When You Don’t Mean To”