Managed file transfer (“MFT”) refers to software or a service that manages the secure transfer of data from one computer to another through a network (e.g., the Internet). MFT software is marketed to corporate enterprises as an alternative to using ad-hoc file transfer solutions, such as FTP, HTTP and others.
Typically, MFT offers a higher level of security and control than FTP. Features include reporting (e.g., notification of successful file transfers), non-repudiation, auditability, global visibility, automation of file transfer-related activities and processes, end-to-end security, and performance metrics/monitoring.
MFT applications are available as both on-premises licensed software packages and software-as-a-service (“SaaS”). Some are specially designed for enterprise use while others are for sale to individual consumers. A few enterprise-focused SaaS MFT providers also manage the additions of new trading partners, which can free up a lot of IT (information technology) resources.
MFT refers to a class of product that manages, secures, centralizes, and automates the transfer of files inside and outside of an organization. There are numerous MFT vendors, including some that support i OS and run on the System i server.
At the core of an MFT solution is often an FTP server—or, more likely, an SFTP (uses SSH) or FTPS server (uses SSL) that provides encrypted file transfers. Many MFT solutions also include provisions for sending files via SMTP, HTTP, or HTTPS. Still others rely on proprietary file transfer protocols, and include separate compression and encryption capabilities.
But MFT is not merely a collection of FTP, SMTP, or HTTP servers. On top of the transport layer, MFT solutions produce and provide full audit trails showing who transferred what files to where, and how and when they did it. This adds security to basic file transfer activities, and gives MFT a hand in regulatory compliance.
MFT also includes elements of automation, such as the capability to execute jobs when specific files arrive in specific folders, and to alert IT managers of unexpected situations. This allows MFT products to eliminate complicated scripting and reduce the need for expensive programming expertise.
MFT also identifies and records successful and failed file transfers to a customer or a partner. This provides elements of non-repudiation, and can help prevent those embarrassing instances where an organization isn’t sure if a critical transfer actually worked.
MFT applications are characterized by having all or most of the following features:
- Support multiple file transfer protocols including FTP/S, OFTP, SFTP, SCP, AS2, and HTTP/S.
- Securely transfer files over public and private networks using encrypted file transfer protocols.
- Securely store files using multiple data encryption methods
- Automate file transfer processes between trading partners and exchanges including detection and handling of failed file transfers.
- Authenticate users against existing user repositories such as LDAP and Active Directory
- Integrate to existing applications using documented APIs (application programming interfaces)
- Generate detailed reports on user and file transfer activity.
From its inception, FTP has made moving large volumes of bulk data between any two entities—including file servers, applications, and trading partners—possible. However, FTP (and other communication protocols such as HTTP and SMTP) do not, on their own, provide a way to secure or manage the payload or the transmission. Yet, regardless of the lack of security and management capabilities, many companies have continued to transport large batches of structured and unstructured data using these protocols.
This practice is changing, however. According to Gartner Research, “Organizations often use MFT solutions to replace FTP. This is due to increased focus on compliance, privacy regulations and corporate transparency — which demand increased auditing, management, security and process.”
While Managed File Transfer always recovers the same features—reporting (e.g., notification of successful file transfers), non-repudiation, auditability, global visibility, automation of file transfer-related activities and processes, end-to-end security, and performance metrics/monitoring—the way it is used has a major impact on the nature of the appropriate solution. Today analysts and experts agree on 6 different usage patterns for MFT:
- Ad Hoc
- Accelerated Transfer or “Extreme” Transfer
- A2A (Administrative-2-Administration)
All are defined by their own markers and require different methods.
How do you send huge files or large collections of files?
When email can’t handle extremely large attachments, what are your options? FTP, public cloud-based sites, and USBs are dangerous alternatives for enterprise content since they are not secure and outside of corporate information governance policies. Secure MFT provides a high performance platform for easily sending and receiving large files safely and securely.
When big files are big problems…
- Risk of data breach or content loss – Large files can’t be sent via email, so employees turn to non-secure, risky alternatives such as FTP, public cloud-share sites, USBs and couriers, putting enterprise content at risk
- Lost productivity – Most file exchange alternatives are very slow. How much time is wasted waiting for files upload? Hours. How much time is wasted shipping the content via courier? Days.
- IT intervention – Do employees have to rely on IT every time they need to send extremely large files? This is an IT resource drain and a bottleneck to get files from Point A to Point B.
Eliminate risk of breaches
Eliminate risk of unsecure file exposure and keep your data safe with a secure file transfer solution for ad hoc file transfers that no longer require time-consuming workarounds
Increase user adoption of a single, secure solution
Eliminate the temptation of employees to share enterprise information through unsecured methods by deploying a single, user-friendly solution for the entire organization
Save time and get more done
Meet your deadlines and send files exactly when you need to–OpenText Fuel provides patent-pending, proprietary acceleration to send files up to 80x faster than FTP or HTTP
Integrate seamlessly into users’ everyday workflow
Easily send files from email, web, and desktop applications with zero disruption in workflow, including full integration with Microsoft® Outlook®
Proof when you need it
Quickly and easily provide a complete audit trail of all file transfer operations
Increase productivity Don’t waste time waiting for files to upload–get more done with accelerated and faster upload speeds that won’t crash and lose upload progress
Save your IT staff time
Reduce the burden on IT of tracking workarounds and help with the enforcement of policies around performance, risk, auditability, and security
A centrally managed, single source for file transfers
MFT ensures end-to-end visibility to all activity in a single solution
The importance of MFT
In the digital economy, more than a third of all business-critical processes involve file transfers. This reality presents an opportunity to transform MFT into a powerful business enabler that reduces costs and risk, improves efficiency and agility, and opens the door to new mobile, cloud and big data initiatives.
To capitalize on this opportunity, you need to align business requirements with file-flow definitions and establish a central infrastructure for managing and securing the complete lifecycle for all file flows — across applications, with your partners and customers, to and from cloud and big data platforms, and between people using desktops and mobile devices.
Why do I need MFT? What can MFT help my organization?
- Protect the business from data breaches and process disruptions by efficiently managing application-to-application file flows — on premise and in the cloud
- Reduce costs by consolidating customer and partner file flows into a shared service with easy onboarding
- Speed synchronization of file-based data with cloud and big data storage platforms
- Provide a secure and governed alternative to consumer-grade, cloud-based file sharing
Automation Benefits of MFT
Historically, programmers write scripts to automate batch-style FTP functions. This works fine on a limited scale, and if configurations rarely change. But relying on scripts can quickly become cumbersome when an organization is exchanging data with a lot of customers and partners, and when things like passwords, libraries, and IP addresses are constantly changing.
Many MFT products also resemble scaled-down job schedulers. For example, an MFT product could be configured to perform several steps in response to the completion of a file transfer, such as convert a file into an Excel document, encrypt the document, and then distribute it via e-mail. Others can hook into schedulers via APIs or SOAP calls.
Keeping up with all the different protocols, including FTP, SFTP, FTPS, HTTP, HTTPS, and SMTP, is also a challenge for the do-it-yourself scripter, says Linoma’s president Bob Luebbe. “That’s a lot of effort to build all those different connectors and to be able to handle all the different formats to truly be able to connect to just about any system,” he says. Linoma’s product, GoAnywhere, supports all the open protocols, including the capability to directly connect to databases, and was recently certified on IBM’s z/OS. It also runs on i OS, Linux, Windows, and Unix, giving it a wide-range of operating system support.
Security Benefits of MFT
MFT provides better security over basic FTP in three main ways: authentication, encryption, and logging.
Plain vanilla FTP relies on user names and passwords for authentication. Security is improved somewhat with FTPS, which delivers files securely over the Internet through an encrypted SSL tunnel, and implements certificate-based authentication. The competing standard SFTP, also creates an encrypted link, and uses passwords or keys for authentication.
Future of MFT
The recent buzz over MFT can be partly attributed to Gartner, which started tracking MFT about two years ago. Gartner says the MFT market currently accounts for $450 million to $600 million in yearly revenues, and is growing at 26 percent per year. IDC has also started tracking MFT.
A recent Gartner report predicted that MFT would grow in concert with another security-related IT discipline–encryption key management–and that both would become “mainstream” technologies in two to five years.
The regulations are lagging in this regard. PCI DSS, for instance, mandates that credit card data be encrypted when its sent across the network, but it doesn’t require encryption when that credit card data is moved internally. This is a key area where MFT can boost a company’s security, keep it in front of the info-security curve, and (hopefully) out of the headlines.
So .. MFT is inevitable upgrade of managed data flow in your organization, if you’re considering deploying an MFT product for your organization, here are a few questions to ask vendors:
- What type of access restrictions may be placed on exchanges moderated by the MFT solution? Can access be restricted by user, domain, time, file type and other attributes?
- Does the solution allow the aggregation of information about human-to-human, human-to-system and system-to-system file transfers in a single repository?
- What workflow capabilities does the solution provide? Can it perform rules-based routing of files?
- Will the MFT solution integrate effectively with your organization’s DLP technology?
Using a managed file transfer product can help your organization avoid data leak horror stories. You’ll gain the ability to restrict permissible senders and receivers, centrally log data transfers, securely encrypt your data, and integrate with data loss prevention products. Considering the business value delivered by MFT in conjunction with the answers to the four questions outlined above will help you determine whether MFT has a role in your enterprise.
DT Asia Group have following MFT solutions for your choice: