• open panel
  • Home
  • Articles posted by Lindsay Lewis

Author Archive

The Winner of our Virgin Experience Day voucher is…

The winner is James BishopWe’re delighted to announce that the winner of our £250 Virgin Experience Day voucher is James Bishop, an Information Security Manager in Norwich. James was informed of his win on Thursday evening and couldn’t quite believe his luck.

James let us know that he was at Infosec to attend the workshops and keynote speakers, to keep abreast of current technologies, and to earn valuable CPE points for his professional qualifications. He was lucky enough to attend all three days but shared with us that, “The tube strike had a definite impact on the first day, and I was crammed onto the London Overground from Stratford to West Brompton. Its been a while since I played sardines! Infosec was noticeably quieter on the Tuesday, but became progressively busier!”

Naturally we wanted to know what James would do with his vouchers and he said that he’d, “Probably do something extremely risky and jump out of a plane, drive a sports car really fast… or just share it with my wife!”

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Most UK firms lack data transfer visibility, Ipswitch study shows

In a recent article from Computer Weekly.com, Rich Kennelly, president of Ipswitch’s File Transfer division discussed the key findings of a recent study relating to the visibility of data movement in UK businesses. Needless to say, the stats were concerning to say the least…

Four out of five UK companies have little or no visibility of data movement, a study has revealed.

Half of more than 100 firms polled by Ipswitch File Transfer admitted they have no visibility of files being transferred within and outside their organisation.Magnifying Glass

A further 30% said they have only limited visibility, despite 64% of respondents saying secure file-sharing was vital to the security of the company data.

“A high level of visibility is critical for any organisation that is serious about protecting its most valuable asset – information,” said Rich Kennelly, president of Ipswitch’s File Transfer division.

“The ability to know who is moving data, where, when, how and why across an enterprise, is crucial, not only for data security,” he said.

Kennelly said data management and visibility is also important for streamlined workflows that improve productivity, and meeting compliance requirements.

Regarding who should be blamed if valuable or confidential company data file are sent or shared unsecured, 52% of respondents said it was a collective responsibility.

More than a third said accountability should lie with the employees; 7% said management should be blamed for not having robust policies in place; and just 3% said IT departments were to blame.

“We’re seeing a real shift in attitude, understanding and acceptance of managed file transfer technologies,” said Kennelly.

“Users know that information is at the core of their business and crucial to its existence, competitive advantage and longevity.”

The survey shows there is now greater understanding that efficient data security demands collective responsibility.

However, Kennelly said users cannot play their part unless the business provides easy-to-use, accessible and simple solutions that make their jobs easier.

The survey reveals that moving sensitive information by email is most prevalent, with 44% admitting to sending classified or confidential materials by email at least once a day.

Almost half admitted to using personal email accounts to send company files, with 21% blaming the slowness of work email, difficulties in connecting and limited file sizes.

Some 11% said they used personal email because their company did not monitor what they send and 8% admitted keeping business documents to use at their next place of work.

More than a quarter of respondents admitted using unsecured file-sharing websites and cloud services to share work-related files, while almost two-thirds confess to using USB drives, smartphones, tablets and other personal devices for backing up corporate files.

About Us

Pro2col are a Certified Ipswitch Elite Reseller based in the UK.  Since 2003 we have been helping companies of all shapes and sizes to tackle their data transfer challenges and maximise their investment in secure managed file transfer products.  If you’d like to know more about how to attain full visibility and control over the data moving into, out of and around your business, please don’t hesitate to contact us on 0333 123 1240.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Are Employees Putting Your Company’s Data at Risk?

One of our key vendors, Ipswitch File Transfer conducted a survey of over 200 IT leaders and practitioners with security responsibilities about person-to-person file-sharing practices.  From the results that they gathered, this is what they found…

These results should alarm IT and security professionals.  Findings show that employees are circumventing IT staff by sending confidential and highly sensitive company files via means that are insecure and lack auditability. The results serve as a graphic reminder that when company systems hinder employee productivity, it’s both a security risk and bad for business.

There’s no way to sugarcoat the results of the survey, the highlights of which you can see in the Infographic below. Click here to register to receive the full research report results and recommendations.

 

Ipswitch File Transfer Survey Results - Person to Person File Sharing Risks

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Personal File Sharing in the Business: The Risks

It may be a new year, but we’re still facing the same old challenges on our return to the working world.  Personal file sharing is one of those challenges.  If employees are left to their own devices, the chances are they will turn to familiar consumer grade technologies such as Dropbox that were just not designed to adequately secure business data.

Micheal Osterman of Osterman Research succinctly summarises some of the key issues surrounding personal file sharing in his white paper, “Business-Class File Sharing Best Practices”.  Here is an excerpt from the paper:

Excerpted from “Business-Class File Sharing Best Practices”

The Status Quo Doesn’t Work

Business-Class File Sharing

  • Users are stymied because company email systems often do not permit file attachments of more than 10 to 20 megabytes to be sent, and it is not efficient at sending more than a few files at a time. Moreover, email doesn’t typically include a return receipt so the sender can know if the recipient ever received the email. Also, when email is used for file transfer, it imposes increased storage and bandwidth costs, slow message delivery, long backups, long restores, high IT management costs.
  • Many users will turn to their personal Webmail account because of their ability to send very large files through these systems. However, when users do so there is no IT visibility into the sent or received content, no tracking, no auditability, and no archiving. Moreover, corporate content can reside in personal Webmail repositories for many years, long after an employee may have left the company. While this makes life easier for users, it increases the risk to the organisation.
  • USB sticks, tablets and smartphones create the same problems: lack of security, higher costs, their likelihood of being lost or stolen, and the potential for content on them to be accessed by unauthorised parties.
  • Dropbox-like file sharing tools and cloud services can be effective, but they do not permit IT management or governance of content. And, they often are individual accounts and not under the sanction of IT which means that IT doesn’t have the visibility or insight into what is being transferred, nor does IT maintain any type of audit trail for this content.
  • SharePoint and similar tools are useful for sharing information if both senders and recipients are using it. However, SharePoint require the deployment of a dedicated infrastructure and training for end users, and it is not always easily accessible by remote workers or people external to an organisation.
  • Basic FTP client-server systems, while useful, require both the sender and recipient to have access to the FTP server to share information, which can be an ongoing provisioning burden for IT.
  • Physical delivery of information – such as CD-ROMs or DVD-ROMs that are burned and sent through overnight services – is expensive and the speed of delivery is slow

If you’d like to learn more about secure file sharing practices, you can access the full Osterman whitepaper here.  Alternatively, if you’d like to discuss your specific file sharing challenges with one of our managed file transfer experts, please don’t hesitate to contact us on 0333 123 1240.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Socitm 2012: Managed File Transfer for Councils

We’ve been working closely with councils throughout the UK to simplify, secure and streamline their file transfer, so we couldn’t miss the opportunity to attend Socitm 2012; the No. 1 UK ICT event for councils.  The conference has kicked off today (here’s a breakdown of the programme) and the Pro2col team are ready and waiting to share the knowledge and experience that we have gained from working with councils to secure person-to-person file transfers and automate the movement of sensitive data into and out of the organisation.

Pro2col Managed File Transfer at Socitm 2012

On a similar note, this is the ideal moment to publically release our lastest e-book: The Council’s Guide to Secure Managed File Transfer, which is now available for download.  It covers a range of issues surrounding the secure movement within councils including:

  • How to eliminate the problems caused when employees resort to insecure, non-compliant file transfer methods such as email.
  • Ensuring you meet with UK data security and compliance legislation including The Data Protection Act and PCI DSS.
  • Providing your employees with a quick and simple way to send and receive sensitive files both internally and with third parties.
  • Automating the transfer of files, saving time and money.
  • How to regain control over file transfer processes and user access.

If you’re at the conference and would like to speak to one of our managed file transfer experts, drop by stand 8 (piccy attached) – we’re always happy to help.  If you’ve not been able to make it this year and you’d like to talk to us, please don’t hesitate to get in touch with the office on 0333 123 1240.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Managed File Transfer in Action – Part 1

A well known utilities company in Yorkshire were using multiple legacy systems and 2 disparate FTP solutions to move data into, out of and around their organisation.  These systems had grown organically over time to tackle isolated file sharing issues when they arose.  As it transpired, this approach left the company with an ungovernable mix of system to system and FTP solutions that required manual interventions and the ongoing revision of batch scripts.

Utility Bill

The mounting costs generated by work duplication and management overheads, accompanied by the risk associated with the absence of failover was becoming a genuine concern.  Bearing in mind that these systems were executing business critical processes such as billing, debt management, banking and delivering mission dependent data to employees in the field – recreating these undocumented workflows in the event of a disaster would be costly.  Considering the sensitive nature of certain pieces of data moving through these workflows, securing data was also a priority.

Pro2col worked alongside the customer to develop an understanding of their processes and document their key requirements.  Armed with this information, we were able to identify the technologies that would meet these requirements, and help them through the selection and evaluation process.  Specifically, the company were looking to:

  1. Secure the sending and receipt of confidential business and customer data
  2. To further automate the retrieval of time sensitive data from remote systems to provide realtime updates of vital information to their workforce at regular intervals throughout the day.

In terms of features, the company were looking for:

  • A solution that would support FTP, SFTP/FTPS, HTTP/HTTPS.
  • A user-friendly GUI for administration and configuration as apposed to CLI and scripts.
  • The ability to schedule time or event driven actions.
  • Pre and post processing ability i.e.; archiving, moving, deleting files that have been processed.
  • The capability to report failed transfers and system problems.
  • Potential to integrate with HP OpenView for system reporting.
  • Ability to perform ad hoc file transfers manually and simply via web browser or email plugin.
  • Ability to run concurrent processes.
  • Automatic fail over to a backup system.
  • Compatibility with Windows 2008 R2.
  • Integration with Microsoft Active Directory.

Based upon the information we gathered through the consultancy process, we were able to recommend the most suitable solution to meet their objectives – in this case, a combination of Ipswitch MOVEit Central and MOVEit DMZ with the Ad Hoc Module.  MOVEit Central was specifically designed to automate a wide range of mission critical file transfers, enabling the company to automatically “pull, process, and push” all files to any platform, including network architectures, operating systems, and protocols.  It would integrate directly into their existing data workflows, consolidating their automated file transfer tasks and allowing IT staff to create/administer them via a user friendly GUI interface.  For the ad hoc aspect of their file transfer requirements, MOVEit DMZ with the ad hoc module provided a secure, end to end solution for employees to send and receive mission critical files.

This just gives you an idea of the potential of these solutions and the levels of automation that can be achieved.  Within an enterprise environment such as a large utility company, an managed file transfer solution can save hours of manual processing and ensure that all the information is where they need it, when they need it.  As with all of our customers, we’ll be working with this organisation in the months and years to come, and look forward to helping them achieve their maximum ROI.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

New data protection rules could come into force as soon as 2013!

We’ve been aware for a while that EU Data Protection laws were under review. The latest news implies that business may have less time than they think before a new data protection framework is introduced. According to an article published in Computer Weekly, “While negotiations continue in Brussels, compliance and risk managers have no time to waste in preparing for the new rules that could come into force as soon as 2013.”

The impending release of this new data protection legislation puts increased pressure on businesses to ensure that they have the right measures in place to protect internal data. Especially since one of the change could potential involve the need to disclose data breach incidents within 24 hours of their discovery. Data ProtectionDespite the controversy surrounding this specific part of the proposal, it seems European businesses will almost certainly join their peers in most US states in having to comply with mandatory breach disclosure.

Bearing this in mind, the requirement to secure business data will be making it’s way to the top of many companies priority lists. Brand protection and company reputation are invaluable in today’s competitive marketplace and in order to protect this, you’re going to have to protect your data. This can seem like a daunting task, but there are regulations such as ISO 27001 and PCI DSS that provide a framework and a very good set of controls to work with. Although this doesn’t guarantee that you’ll meet the new EU regulations 100%, it gives you a good chance of be close to compliance.

At Pro2col, we provide a range of secure file transfer solutions that meet whole range of security legislation such as PCI DSS, ISO 27001, HIPAA, SOX and many more. So if you’re looking to take the next step when it comes to your data security, please contact us on 0333 123 1240.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

An update from Infosecurity 2012

Yesterday was the first day of Infosecurity 2012 one of, if not the biggest IT Security Shows in Europe – and it was a busy one.  Not only that, the war of the most outlandish gimmick was in full force, so be prepared for talking dogs and 7-foot robots if you’re planning to visit!

We’re helping out on the GlobalSCAPE stand this year (check out their stylish booth), as they’re showcasing their latest products for the first time here in the UK – Hosted Enhanced File Transfer Server™ (EFT Server™) and Secure Mobile Access™. As GlobalSCAPE’s primary reseller’s in the UK, it’s been a great opportunity for us to spend some more face-to-face time with the GlobalSCAPE team.

GlobalSCAPE Stand - Infosecurity

There’s been a lot of interest from businesses spanning all sectors, looking secure their data transfers and comply with regulations such as PCI DSS and The Data Protection Act.  We’re looking forward to being kept busy for the remainder of the exhibition, so if you’re heading down to Earls Court come see us at stand F82.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Hosted v’s On Premise Managed File Transfer

Over the past couple of years there has been considerable hype around saas, hosted or cloud based solutions – the managed file transfer marketplace has been no different.  We speak to many businesses on a daily basis about their file transfer requirements and inevitably, a number of them ask for a cloud based solution. So we’ve been speaking to a range of our vendors, natural leaders in the software field, but many of them seem unwilling to step out of their traditional marketplace and into the cloud space.  There are of course good reasons for this.  For example, the impact on existing software sales, the responsibility that goes with managing other peoples data and probably most importantly, the size of the market. According to Gartner only 10% of the managed file transfer marketplace actually relies upon a cloud based solution.  With the managed file transfer sector experiencing +20% growth year on year and the shift to cloud solutions not likely to slow any time soon, transition to cloud services could become the next major battlefield for vendors. However as it stands, this certainly isn’t reflected in the managed file transfer marketplace as there are many more software vendors than service providers.

Laptops in the Cloud

If you’re thinking about implementing a hosted or on-premise managed file transfer solution, there are a number key points to consider.  Here are a few to start you off:

Cost of Ownership

Cost is the number one factor influencing the choice of managed file transfer solution for most businesses.  Implementing and managing an on-premise MFT solution can be pricey, some of the costs to consider are:

Software – The initial software purchase price can range from £5,000 to in excess of £50,000 but once this has been paid, the solution is yours.  Although hosted services appear cheaper in the short term, ongoing subscriptions can be costly in the long term.

Hardware – Providing an environment to install and run the MFT solution can also add up, especially when you take into account disaster recovery or high availability.

Infrastructure – Hosting files on your own server can prove a problem, bear in mind the impact on your Internet connection when a 1Gb file is shared with 50 or more external users!

Support & Management

Another point to take into account after the initial go-live of a managed file transfer solution are the costs associated with ongoing support and management. Specifically:

Internal Support – If you deploy an MFT solution, the responsibility of support and management falls on internal team members, whereas with a hosted solution much of the ongoing support is outsourced to the service provider.

Availability – Generally hosted services run in high availability data centers.  Therefore, they offer guaranteed uptime with load-balanced solutions as the norm and include SLA’s.

Scalability – In a hosted environment, scalability of your product is generally available on demand or at the touch of a button.  It’s not always quite so simple with an on-premise MFT solution.

Back-up/disaster recovery – Usually provided as part of the service by hosting providers, back up and disaster recovery can be costly when purchased as part of a solution package.

Deployment

Bringing an on-premise managed file transfer solution online has its challenges. Ports need opening on firewalls, rules need setting up, plus there are considerations about the design of the solution and how it will sit within the corporate infrastructure.  Hosted solutions are incredibly fast to deploy given that much of the above doesn’t come into play.

Functionality & workflow

Typically, functionality and workflow features are key drivers in the decision making process. On-premise managed file transfer solutions offer far more in the way of a comprehensive feature set:

Bottlenecks – Having files local to you, when you need them can save a considerable amount of time in terms of loss of productivity, especially for larger enterprise deployments.  Pushing data to remote services can impact upon an end users time or can delay internal processes.

Integration – More often than not, hosted solutions are somewhat limited in the level of integration capabilities they offer.  This is an important factor to take into consideration as lack of integration reduces the potential to automate tasks and minimise the man hours wasted on routine tasks.  There are of course exceptions to the rule as there are some very capable hosted technologies.

These are just some of the key areas to be mindful of if you’re weighing up the pros and cons of hosted vs on premise managed file transfer solutions.  Ultimately, the decision will be fueled by the scope of your requirements and the size of your budget.  Whatever these may be, there is a managed file transfer solution out there to fit your business needs.  If you want some help pinpointing the right solution for you, please contact Pro2col on 0333 123 1240.

Share on TwitterShare on FacebookShare on LinkedIn+1
 

Email Attachment Management: Facilitating Secure, Large File Transfer

Typically, email is the first port of call for all non-technical staff members when faced with the task of sending large documents quickly. We’re now in an age where data leaks are common place and authorities are cracking down on insufficient security policies. According to figures published by IDG Research Services, the companies that they surveyed rated email as the third highest area of concern when it came to the security of their data. The fact of the matter is, standard email is just not capable of meeting modern day security requirements. Not only this, there are other associated problems to consider when using email for large file transfer such as email attachment management, size limitations, unpredictable deliverability of files, bandwidth utilisation and storage problems.

So businesses are reacting to these issues by implementing sophisticated technologies that address these concerns – which is great – but unfortunately, this is a 1-dimensional solution to a 2-dimensional problem. Providing the facilities to send files securely is one thing, guaranteeing that all file transfers within the business are completed using these facilities is another matter altogether.

Email Attachment

The question is, how do you stop staff members bypassing new technologies in favour of good old trusty, familiar solutions such as email? The answer is – enable them to continue to use it. Alongside web browser upload options provided, email attachment management solutions offer plugins that can be integrated with existing email clients, to enable ground level users to attach files and send them securely via email.   The difference is that rather than filtering through email servers, large email attachments are handed off to the email attachment management solution where they are encrypted, stored and a notification email sent onto the recipient containing a secure download link to the file.

So…

  • Your confidential information remain secure.
  • You avoid the fines and penalties being enforced by authorities such as the ICO, for failing to meet security compliance legislation.
  • The reputational risk associated with loss of customer data is negated.
  • Email servers and storage systems are not overwhelmed by a mass of large data files.
  • File transfers come with a full audit trail.
  • You can be notified when a recipient downloads a file, providing accountability and more reliable file transfers.
  • Large file transfer is quick, secure and user friendly for staff, allowing them to concentrate on being productive.

Take a look at this short video to find out more about what an email attachment management solution can offer you…

 

 

If you’d like to find out more about email attachment management, Biscom Delivery Server or any of the other secure, ad hoc file transfer solutions we provide, please don’t hesitate to contact us on 0333 123 1240.

Share on TwitterShare on FacebookShare on LinkedIn+1
 
© Pro2col Ltd 2012 | Terms of Sale | Privacy Policy | Sitemap
Part of the Pro2col Group