An increasing number of people are switching to cloud infrastructure for their businesses, and there are good reasons to do so. As an abundance of companies has already transitioned to the cloud, migrations are increasingly taking place within the cloud, as these organizations migrate between different cloud providers (known as cloud-to-cloud migration). But for those making the initial foray to the cloud, there are a few critical items to consider.

In doing so, businesses have now found themselves in a new territory of data transfer and protection. Newfound challenges emerge and organizations need to come up with solutions sooner rather than later to avoid the risk of exposing their sensitive data to cyber risks and breaches.

At Fortra we have asked cybersecurity professionals to identify these pitfalls.

Ineffective data management

Many businesses insist on using traditional methods and protocols to handle secure file transfers between on-premises and the cloud, or between cloud platforms. However, as with many security solutions, legacy practices are not adequate in a cloud environment, let alone in a multi-cloud setting. Even if they opt for a cloud-based data transfer solution, a lack of effective management impedes the potential of protecting this sensitive data, creating more security challenges.

“Ineffective planning, financial cost, misconfiguration, and poor user experience are some of the challenges with cloud data transfer. As a result of poor user experience, employees use unapproved file transfer solutions to move files around. This is a serious risk that exposes businesses to data loss, exfiltration, and data breaches.”

Richard Funso | Information Security Officer

Who controls your data?

When your data resided on-premises, you had full control over who is accessing it and how this data was transferred between departments or organizations. However, with more and more data being moved to the cloud, a crucial question arises; who controls your data?

“There is a fundamental challenge with data transfer, whether it is on-prem or in the cloud – and that is one of control, who has access to the data, and how it is transferred.”

Gary Hibberd | Security Consultant

This is a pressing issue not only from a security standpoint but also from a compliance one. Data sovereignty is an emerging trend among many privacy and security regulations, and many laws require that your data is localized within your jurisdiction. Lack of appropriate control over your data transfers may be the cause of huge fines because of privacy compromise.

“Historically, the key differences between moving files on-premises, and in a cloud environment had always centered on control. With the cloud, there’s that unknown territory of having to trust a third party in some regard. You need to make sure that the cloud service provider is meeting your security standard. You also need to be cognizant of the type of data that you’re sending. If the data contains Personally Identifiable Information (PII), you need to make sure you have extra protections in the process.”

Matthew Hankinson | Infrastructure manager

Complexity and its consequences

While moving your data to the cloud sounds like a “copy-paste” type of task, the truth is that it is much more complex than that. Before moving your data to the cloud, you will have to answer several crucial questions, including:

  • Where is your data stored?
  • Which systems access which data?
  • Is it feasible to move your data to the cloud?

The problem is further exaggerated when you are to move data between different cloud platforms. Are the platforms interoperable? With many complexities in place, operational costs and security risks can only increase.

“Due to the numbers of platforms and interfaces companies work with today, security, auditing, and maintainability of data transfers are growing ever more difficult.”

Michael Barford | Solutions Engineer

Security vs employee experience

The common denominator of the previous challenges is data security. Although cloud security is a shared responsibility between the cloud provider and the cloud customer, the security of data in the cloud is the sole responsibility of the organization. However, security should not come at the expense of employee experience. Therefore, the add-on challenge is how to balance two issues that seem at odds – security and usability. If you ruin this fragile balance, you will feel the repercussions on your business productivity and – not surprisingly – on data security; your employees will try to find ways to circumvent your security controls to have their job done.

“Having the right balance is key to ensuring that employee productivity, security, and compliance requirements are met. Anyone who interacts with your systems also needs to be sure that you have met all the security requirements and have an easy process to follow for transferring data. This is crucial to maintain a high level of security.”

Ray Sutton | Technical Consultant

How can Managed File Transfer help you overcome these challenges?

A Managed File Transfer (MFT) solution is a product that encompasses all aspects of inbound and outbound file transfers while using industry-standard network protocols and seamless encryption. It can automate and transfer data across your network, systems, applications, trading partners, and cloud environments from a single, central point of administration. An MFT solution can be used by organizations of all sizes for encrypted file transfer needs, ranging from a few dozen a week to a few thousand a day and more.

“Having a Managed File Transfer capability ensures that data is managed and monitored to ensure it arrives safely at its destination.  A good MFT solution reduces compliance risks by ensuring data integrity is maintained. Beyond compliance, it will also increase productivity, as it reduces the overload on the network, and increases transfer speeds, along with the reliability of the transfer.”

Gary Hibberd | Security Consultant

“Using the right technology allows companies to more easily adapt to the ever-changing file transfer requirements that they may face.”

Michael Barford | Solutions Engineer


About DT Asia

DT Asia began in 2007 with a clear mission to build the market entry for various pioneering IT security solutions from the US, Europe and Israel.

Today, DT Asia is a regional, value-added distributor of cybersecurity solutions providing cutting-edge technologies to key government organisations and top private sector clients including global banks and Fortune 500 companies. We have offices and partners around the Asia Pacific to better understand the markets and deliver localised solutions.