Building Enterprise File Transfer Processes that Improve Security, Compliance
Click here to download now
Overview: This whitepaper covers how IT departments can provide workers with file transfer technology that addresses security and compliance needs without putting an unreasonable burden on normal work processes and the ways people prefer to work. Information can be at risk of loss or exposure when it is being sent from one person to another, depending on the file transfer process that is used.
Email is the easiest and most common method used, but unfortunately, it is inherently insecure. FTP also is common, and not only is it insecure, but it’s hard for the average person to use. Some people choose to put unencrypted information on CD-ROMs and send them via courier. All three of these common file transfer processes – email, FTP and CD-ROMs – are risky, normally non-auditable and “non-compliant” with legislative mandates that dictate appropriate information handling procedures.
Protecting data is a matter of observing how and when the data is at risk, and finding appropriate methods to mitigate those risks. Mandates such as the Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), the Graham-Leach-Bliley Act (GLBA), and others provide guidelines on what companies can or must do with the information they handle. Where electronic business records are concerned, it is incumbent on the IT department to take those guidelines and implement appropriate business and technology measures to ensure compliance with the legislative mandates as well as corporate policies.