Today's companies are dealing with an increasing array of legislative and industry requirements, mostly revolving around security. Legislation such as the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley Act (SOX), the Gramm- Leach-Bliley (Act) GLBA, the Payment Card Industry Data Security Standards (PCI DSS), Basel II, and more all have stringent data security requirements for specific types of data within your business–often the data that forms the core of your business, such as customer information or financial data. Sometimes, these requirements are very technically precise. PCI DSS, for example, provides specific guidelines on what kind of data must be protected (customer and cardholder information), when it must be protected (in transit and when stored), and how it must be protected (encryption, in most cases). Other times, requirements are much more general and less technical in nature. HIPAA, for example, simply has a general requirement that patient information must not be disclosed to unauthorized parties; a 2009 addition to HIPAA also requires that data holders notify individuals when their protected information has been improperly disclosed. Those general business-level requirements can be extremely difficult to implement from a technology perspective. For example, suppose you work in the healthcare industry and are subject to HIPAA. You need to transfer certain patient information to a partner company, and you need to do so in a way that complies with HIPAA. That means you need to actually implement several technical controls:
A Managed File Transfer (MFT) system can help with many of these requirements. By using a properly-configured MFT system as your sole means of transmitting data–potentially both within your organization and externally–you can become compliant with these requirements much more easily.
Our 2016 survey of global IT teams is in. Find out how important they find data security and compliance and how they are mitigating the risk of data loss.