Top 10 managed file transfer considerations

April 11, 2012

 1. Platform Openness – To reduce the points of connection to sensitive data and reduce the risk of exposure to those without a need-to-know the MFT solution should be installed on the server operating system where the sensitive data and applications reside. If your corporate data mostly resides on the IBM X, then it would make sense to get a MFT solution that runs on the IBM X.

2. Authorization Controls – To meet many compliance regulations, the MFT solution must provide role based access to limit user access to certain servers or MFT functions based on user credentials.

 3. Secure FTP – Plain FTP is not secure. The MFT solution must support both SFTP (FTP over SSH) and FTPS (FTP over SSL) protocols for secure FTP transfers.

 4. Encryption Standards – At minimum, the solution should support the industry standard encryption standards: AES, Open PGP, AS2, SSH, SSL, TLS and S/MIME.

5. Database Integration – The MFT should readily connect to DB2, SQL Server, Oracle, MySQL and other popular database servers for extracting and inserting data.

6. Data Transformation – Is the ability to translate data between popular data formats including XML, CSV, Excel and fixed-width text formats.

7. Data Compression – Compresses and packages data using popular standards such as ZIP, GZIP and TAR to reduce transmission times.

8. Application Integration – The MFT should provide commands and APIs for interfacing with your applications.

 9. Scheduling – Allows transfers and other MFT functions to be scheduled for future dates and times.

10. Key Management – Does the MFT include management tools for creating, importing and exporting keys and certificates?



  1. The role of key management in encryption
    Whenever a company uses encryption, it has to use encryption keys. Just like the keys in your pocket, encryption keys are secrets – electronic secrets that are used to make data meaningless to everyone without the correct code. As we all know, the strongest safe in the world offers little security if a thief knows the combination to the lock. The same is true in the digital world. Weak protection of keys or poor key management practices means a company’s encryption keys, and therefore the data that they protect, can be easily compromised.
    In this vein, it is no surprise that respondents to the Ponemon study consider key management to be the most important issue when deploying encryption technology, in particular the use of automated and centralized key management. Interestingly, half of respondents believe that investments in key management also have the potential to reduce the operational costs of their organizations.

  2. For professional end-to-end encrypted file transfer solution see http://www.ftapi.com

Comments are closed.

%d bloggers like this: