Master Data Management

Dan Dunford (UK) - Why the Summer Data Breach is Good News for Managed File Transfer

As the dust settles on the aftermath of this summer’s wave of high profile data breaches, many IT enterprises are reviewing how to better secure their systems and data. Some are even picking up the pieces from the attacks.

In the war of words on data breaches, sometimes the best countermeasures seem to involve an investment in the latest glossy security infrastructure. Notwithstanding the benefits of stronger perimeter defences and data protection policies, rooted in tougher encryption and authentication, a fast route to tightening up data protection could ameliorate the file transfer methods employed.

This has tended to be a neglected part of how an enterprise runs its systems. Quite simply, enterprise file transfer procedures have grown in an uncontrolled fashion. Organisations require the movement of data between multiple systems / sites - while customers have become more complex to manage and control consistently.

The wider implications of this can be serious.  To find out more, we surveyed European businesses about their file transfer policies. We found that while 77% said they regularly transferred business critical data - including sensitive financial and personal information – 64% indicated that they didn’t have a uniform approach for data transfer. It is the security implications of these varied, home-grown systems that are particularly striking when you consider strategies to minimise the risks of data theft and losses.

Home-grown file transfer procedures are frequently littered with potential security loopholes i.e. putting usernames and passwords in scripts, or using ftp servers and applications with potential vulnerabilities. The reasons for this stems from how file transfer systems are being frequently stretched and adapted to changing requirements. An inadvertent consequence is that errors occur which create unnecessary risks in how processes handle valuable data.

Additionally, staff who run file transfers aren’t always appropriately trained or skilled to apply basic security precautions. Again, our pre-data breach survey found that almost a 1/4 of staff do not know how to encode or decode data, notify recipients, or implement anti-virus procedures after data transfer. Training can help but organisations need the assurance that file transfer procedures are always adhering to tough data protection policies, people tend to like shortcuts that often override or bypass policies to get the job done faster.

These and other lapses risk exposing an organisation to financial and reputational damage; normally caused by a breach or financially painful censure from the regulatory authorities. Authorities that are taking a tougher line on non-compliance, and pushing for higher standards of data protection and management.

The direct causes and solutions lie in remedying poor maintenance and management of file transfer procedures.  However, this is difficult to achieve given how so many existing systems are custom-made and inherently hard to maintain.  The best course of action would be a complete overhaul of the systems involved.  It is quickly becoming an imperative, as senior managers begin to realise how improving file transfer can be a cost effective preventative measure against unnecessary security incidents happening perhaps this will change.

So a positive outcome of the data breach furore could be that managing file transfer becomes a priority on the agenda of CIOs and CSOs.


By Dan Dunford, Security Product Specialist, Attachmate


« Abhay Bhargav (India) - Hacktivism and the Indian Enterprise


Kasey Cassells (Global) - Happy Birthday, World Wide Web! »

Recommended for You

Trump hits partial pause on Huawei ban, but 5G concerns persist

Phil Muncaster reports on China and beyond

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies


Do you think your smartphone is making you a workaholic?