Optimizing Managed File Transfer (MFT): Dos and don'ts

Front-line advice on getting the right MFT system, and getting the most from it

Discourage data leaks, standardize and optimize file transfer—that's the ambition of Managed File Transfer (MFT) products. Here, experts offer practical advice on using these tools.

Learn about features and selection criteria in the companion article Automating and securing file transfers: Key issues.

DON'T look for a quick hit, one-off solution. You may think you only need to quickly solve a single problem, such as how to secure files emailed between your law firm and its clients. But most organizations have much more complex, large-scale file-transfer requirements and should take a long-term view of their needs.

"It's all about taking a holistic view of all your connections and risk and [how to] shut the door to new scripts, FTP servers, which created the problem in first place," says Chuck DePalma, CISO for Volkswagen Group of America. "If you just jump in and replace this one FTP server, companies wind up with five or six managed file-transfer products across the organization. You wind up with better tools, but no central governance."

DO use MFT as part of an overall data management program. It's critical to classify your data, know how it's used within the organization and in transactions with other businesses, customers, auditors, and so on, so you can apply appropriate policies and controls to various file-transfer use cases.

See dos and don'ts for using protocol analyzers | SIEM | IT GRC

To continue reading this article register now

Microsoft's very bad year for security: A timeline