Shifts in file transfer strategies and advice to CISOs on implementing a secured Data in Motion strategy that avoids disrupting operations
RhinoSoft is the company behind Serv-U and and FTP Voyager, the innovative FTP server and FTP client sold in 90 countries. SMBs and industry leaders use us to exchange files with trading partners, share files with employees, and automate file transfers. Our advanced capabilities allow teams to access files from anywhere, deploy a managed file transfer solution, or support FTP. SFTP (SSH), FTPS, HTTP/S and IPv6.
In the following interview, Jonathan Lampe, VP Product Manager of RhinoSoft, discusses 1:1 with Info Security PG, Editor-in-Chief of Info Security Products Guide, on the coming shift in file transfer strategies and advice to CISOs on implementing a secured Data in Motion strategy that avoids disrupting operations.
Info Security PG: How has the file transfer technology changed over the last decade? Why do many legacy file transfer solutions fall short in today’s environment?
Jonathan Lampe: Over the last decade file transfer technology has evolved far beyond standalone FTP servers with their isolated lists of users.
Today, good file transfer means extending shared storage to mobile end users equipped with iPads, smart phones, and desktop web browsers. It also means ensuring that data in motion is encrypted with HTTPS, FTPS, or SFTP technology. For authentication, file transfer servers are expected to integrate with Active Directory, web portals, and other back-end databases. And for management, file transfer servers are expected to be monitored and configured from anywhere on iPads and web browsers, while auditable records of all transfers and activities are captured for both real-time display and historical reporting.
Legacy solutions that require multiple technologies to support multiple protocols, require end users to remember multiple sets of credentials, or RDP into Windows to configure a server are all rapidly falling by the wayside.
About Jonathan Lampe
Jonathan Lampe is VP Product Management of RhinoSoft, a provider of affordable secure file transfer and managed file transfer solutions. Prior to RhinoSoft Lampe held various executive, technical and product management roles at Ipswitch, Standard Networks, and an independent consulting firm. He holds Bachelor of Science degrees in computer science and operations from Northern Illinois University, an MBA from the University of Wisconsin, and several security certifications including (ISC)2’s CISSP and the Cloud Security Alliance’s CCSK.
Info Security PG: Mobile devices are now shipping in larger numbers than PC’s. How does this impact an organization’s file transfer strategy?
Jonathan Lampe: In the last decade, the traditional file transfer strategy of deploying FTP clients on desktops was largely replaced by a new file transfer strategy of using web browsers to exchange files with end users. Sometimes they used the built-in upload and download characteristics for maximum compatibility, and sometimes they used web plug-ins to support very large files transfers, multiple uploads, or drag-and-drop integration with local operating systems.
Now, people are getting used to being able to view documents and images from their mobile phones and tablets like the iPad. The emergence of these mobile document consumers will soon cause organizations’ file transfer strategies to shift again so that traditional file transfers, web file transfers, and mobile file transfers will all be handled and managed by one or two key systems.
Info Security PG: What would you advise CISOs on implementing a secured Data in Motion strategy that avoids disrupting operations?
Jonathan Lampe: One of the best ways to avoid disrupting operations during any migration is to ensure that your destination platform can also do just about everything your disparate or legacy systems can do.
Secure Data in Motion strategies today are often initiated after an organization discovers security limitations or a lack of mobile access in their existing systems. With that in mind, it is essential that today’s file transfer platforms have strong security attributes (including FIPS 140-2 validated cryptography, lockouts and alerts, and multi-factor authentication) and strong mobile support (including support for tablets like Apple’s iPad and Amazon’s Kindle Fire).
At a tactical level, visibility into all transfers during and after a secured Data in Motion implementation is also critical. With that in mind, attributes such as alerts when files arrive, complete logs of all transfer actions, statistics to guide capacity decisions, and the ability to drill down and trace specific user sessions are all important.
Info Security PG: What are some of the current solutions provided by your organization and who are the targeted users?
Jonathan Lampe: Today, our Serv-U secure file transfer server powers most of the Fortune 500, including 9 of the top 10, with industry-leading security, visibility, and interfaces. Our buyers include small and medium business seeking a powerful and well-maintained secure file transfer solution for all their needs and enterprises seeking an affordable and easy-to-deploy solution for a particular project, department, or set of trading partners.
Serv-U’s roots as one of the world’s most popular FTP servers have allowed us to achieve universal compatibility with FTP clients, SSH clients, and file transfer automation technology. A major reengineering of the platform in 2008 also paved the way for today’s support of mobile devices and web browsers as clients, and 64-bit Windows and Linux operating systems as hosts.
Granular access controls, detailed logs and statistics, and integration points for Active Directory, web portals, custom branding, and external applications all round out the mature capabilities of Serv-U’s base editions. An additional Serv-U Gateway module is available to achieve PCI DSS compliance by avoiding data at rest in the DMZ, and an additional FTP Voyager JV module is available to provide web users the experience of a legacy FTP client without the installation or firewall hassles.
Together, Serv-U’s capabilities make it a powerful solution for companies seeking to handle traditional secure file transfers, provide access to shared folders from anywhere, and meet “managed file transfer” regulatory requirements.
Company: RhinoSoft P.O. Box 53, Helenville, WI 53137 U.S.A.
Founded in: 1996 CEO: Mark Peterson Public or Private: Private Products: Serv-U secure FTP server and FTP Voyager secure FTP client, managed file transfer consulting services. Company's Goals: Affordable secure file transfer for SMBs and tactical enterprise deployment.
JOIN NOW THE CYBER SECURITY WORLDWIDE COMMUNITY ON LINKEDIN