Four keys to effectively monitor and control secure file transfer



Similar documents
STERLING COMMERCE WHITE PAPER. Four Keys to Effectively Monitor and Control Secure File Transfer

Gain a competitive edge through optimized B2B file transfer

Three significant risks of FTP use and how to overcome them

Ten questions to ask when evaluating contract management solutions

EDI outsourcing: The evolution to B2B managed services

IBM Sterling Warehouse Management System

IBM Sterling Order Management

Improving sales effectiveness in the quote-to-cash process

IBM Sterling Transportation Management System

Enhance visibility into and control over software projects IBM Rational change and release management software

A proven 5-step framework for managing supplier performance

Contract management's effect on in house counsel

Web application security: automated scanning versus manual penetration testing.

IBM Tivoli Netcool network management solutions for enterprise

IBM Tivoli Netcool Configuration Manager

IBM Rational AppScan: enhancing Web application security and regulatory compliance.

Agile enterprise content management and the IBM Information Agenda.

Preemptive security solutions for healthcare

Realizing business flexibility through integrated SOA policy management.

Modernizing enterprise application development with integrated change, build and release management.

Minimizing code defects to improve software quality and lower development costs.

Improve business agility with WebSphere Message Broker

Insights into Enterprise Telecom Expense Management

Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.

Connectivity and integration Executive brief. Optimize the potential of ERP systems through IBM SMART SOA integration strategies.

The case for cloud-based data backup

IBM Tivoli Netcool network management solutions for SMB

Security Intelligence Solutions

White paper December Addressing single sign-on inside, outside, and between organizations

Rational Asset Manager 7.2 Editions and Licensing

Security for a Smarter Planet IBM Corporation All Rights Reserved.

Addressing IT governance, risk and compliance (GRC) to meet regulatory requirements and reduce operational risk in financial services organizations

Achieve greater efficiency in asset management by managing all your asset types on a single platform.

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Any Partner. Any System. Anywhere. IBM Sterling Business Integration Suite

IBM Unstructured Data Identification and Management

AlienVault for Regulatory Compliance

IBM Security QRadar Risk Manager

IBM QRadar Security Intelligence April 2013

IBM Security QRadar Risk Manager

Driving workload automation across the enterprise

Achieving business agility and cost optimization by reducing IT complexity. The value of adding ESB enrichment to your existing messaging solution

Why supply chain visibility is critical to achieve the perfect order

Spend Enrichment: Making better decisions starts with accurate data

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.

IBM PowerSC. Security and compliance solution designed to protect virtualized datacenters. Highlights. IBM Systems and Technology Data Sheet

Cloud Security Who do you trust?

Strengthen security with intelligent identity and access management

Open source, commercial software or a coexistence strategy?

Security strategies to stay off the Børsen front page

Boosting enterprise security with integrated log management

Zend and IBM: Bringing the power of PHP applications to the enterprise

Web application security Executive brief Managing a growing threat: an executive s guide to Web application security.

SINGLE SIGNON FUNCTIONALITY IN HATS USING MICROSOFT SHAREPOINT PORTAL

IBM RATIONAL PERFORMANCE TESTER

Next Generation Telecom Expense Management

IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems

Real-time asset location visibility improves operational efficiencies

Extend the value of your service desk and integrate ITIL processes with IBM Tivoli Change and Configuration Management Database.

Stay ahead of insiderthreats with predictive,intelligent security

Optimizing government and insurance claims management with IBM Case Manager

MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE

Service assurance for communications service providers White paper. Improve service quality and enhance the customer experience.

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE

Achieve greater efficiency in asset management by managing all your asset types on a single platform.

For healthcare, change is in the air and in the cloud

Web servers and WebSphere Portal

IBM Security Privileged Identity Manager helps prevent insider threats

IBM Tivoli Asset Management for IT

Beyond passwords: Protect the mobile enterprise with smarter security solutions

Enterprise content management solutions Better decisions, faster. Storing, finding and managing content in the digital enterprise.

IBM WebSphere Application Server Communications Enabled Applications

Empowering intelligent utility networks with visibility and control

Cubist Pharmaceuticals streamlines clinical trial processes and improves CRO collaboration

Introducing IBM s Advanced Threat Protection Platform

Feature. Log Management: A Pragmatic Approach to PCI DSS

Strategies for assessing cloud security

The IBM Solution Architecture for Energy and Utilities Framework

IBM Tivoli Endpoint Manager for Security and Compliance

Harness the value of information throughout the enterprise. IBM InfoSphere Master Data Management Server. Overview

Better management through process automation.

IBM Security IBM Corporation IBM Corporation

Create Operational Flexibility with Cost-Effective Cloud Computing

IBM Software A Journey to Adaptive MDM

5 Five Ways to Fast ROI With Business Rule Management Systems (BRMS)

IBM Software Cloud service delivery and management

Achieve greater efficiency in asset management by managing all your asset types on a single platform.

Use product solutions from IBM Tivoli software to align with the best practices of the Information Technology Infrastructure Library (ITIL).

IBM Software IBM Business Process Management Suite. Increase business agility with the IBM Business Process Management Suite

How service-oriented architecture (SOA) impacts your IT infrastructure

How to Solve the B2B Integration and Managed File Transfer challenge in Retail Business

IBM Tivoli Endpoint Manager for Lifecycle Management

Introduction to PCI DSS

The Smart Archive strategy from IBM

Transcription:

Four keys to effectively monitor and control secure file transfer Contents: 1 Executive summary 2 Key #1 Make your data visible wherever it is in the network 2 Key #2 Reduce or even eliminate ad hoc use of FTP 3 Key #3 Build scalability into your file transfer system 3 Key #4 Monitor data transfers from beginning to end. 3 Next step Evaluate your file transfer operations Executive summary As more information is digitized and more business data is considered critical, you re spending far more time managing that information, and its movement within your enterprise, with your partners and with customers, than you ever have before. Can your file transfer infrastructure handle the implications of regulations such as Sarbanes- Oxley and the Gramm-Leach-Bliley Act? Are your network and the data that travel across it secure enough? Can your file transfer operations process the rapidly increasing volumes of digital data across disparate systems, platforms and protocols? How effectively does your file transfer infrastructure enable you to meet and proactively manage service level agreements (SLAs)? By answering these questions, some leading businesses have discovered that proving compliance, ensuring secure data transfers and managing the high volume of data to meet service level agreements all have one thing in common: data must be visible across the enterprise. After all, you must know where the data is, and how it got there, to effectively manage it. When you apply this primary key, and the three other keys described in this paper, to effectively manage and monitor the flow of business data, you can dramatically improve the security, auditability, service delivery and scalability of your file transfer operations. You must be able to see your data and know where it is and how it got there from the beginning of a file transfer to the very end.

Key #1 Make your data visible wherever it is in the network New government regulations affect how companies manage data transfer Regulations recently enacted in the United States and Europe hold your company and its executives accountable for tracking data, whether it is moved internally or between partners, suppliers and customers. How ready is your file transfer infrastructure to track that data? The Health Insurance Portability and Accountability Act (HIPAA), for example, has strict provisions with respect to sharing employees personal health data with third parties. Other regulations call for stiff imposing penalties on companies that lose or expose the personal and financial data of customers and employees. Besides risking government-imposed fines, companies that mishandle data may also lose customers and tarnish their brands and reputations with investors. In this environment, you must be able to see your data to know where it is and how it got there from the beginning of a file transfer to the very end. After all, if you can t see your data, you can t manage it. A secure file transfer system that moves data reliably from one application or server to another allows you to comply with increasingly stringent informationsecurity requirements and enables you to proactively manage service. FTP is difficult to manage because it provides no way for you to see where your critical data is, let alone control its movement or generate an audit trail. Key #2 Reduce or even eliminate ad hoc use of FTP. Ensuring data security protects the network and the data traveling on it and simplifies manageability Many companies move data via File Transfer Protocol (FTP). For those companies, FTP may even be the standard file transfer solution. Are you aware that using FTP puts data, and the network it travels across, at risk? For example, with FTP, client IDs and passwords are transmitted in clear text. Worse, standard FTP commands can be used to create denial of service attacks or exploit other network vulnerabilities. Security risks aside, FTP is difficult to manage because it provides no way for you to see where your critical data is, let alone control its movement or generate an audit trail. Sometimes, in fact, data sent via FTP never reaches its destination, and the sender only knows if the intended recipient manually notifies the sender. To ensure the security of and better manage your data and network, you need visibility from the beginning of the file transfer process to the end. That s why it s so important to reduce or even eliminate ad hoc use of FTP. Replacing FTP with a standardized platform for secure file transfer enables you to set and enforce security policies throughout your company and with others outside your organization. 2

Key #3 Build scalability into your file transfer system. As your company s data volume grows, so should your network s ability to transfer data The volume of data that companies transfer is growing exponentially. That s because more types of information are being digitized and more companies are expanding trading partner networks. How readily can your file transfer infrastructure accommodate the growing volume of data? Banks in the United States are now digitizing checks so that they can be processed more efficiently and quickly. If your company is involved in an acquisition or merger, or if your trading partner network is expanding as part of the company s growth strategy, data volume is probably growing exponentially. Trade secrets such as data-filled documents with product specifications or manufacturing design move frequently across global supply chains, and must be secured, too. A secure file transfer system that easily scales to the size of your needs, and that accommodates multiple platforms and protocols, helps ensure your ability to handle the increasing volume of data. Key #4 Monitor data transfers from beginning to end. Meet customer demands and service level agreements Time is money. And nothing underscores that more dramatically than the need to quickly process customers data. Because you have SLAs to meet, you must carefully monitor data transfers from beginning to end for events and nonevents. How much can you rely on your file transfer infrastructure to help you manage to service commitments? A secure file transfer solution enables you to see the data movement in your network. With real-time visibility, you gain more focused insight for resource planning, because a secure file transfer system pinpoints process bottlenecks. And it highlights unreliable or inefficient file transfer solutions that need upgrading or replacing. A secure file transfer solution also enables you to customize alerts based on SLAs, and to define rules for exception handling. Perhaps most important, you can proactively resolve issues before they become failures ensuring that you meet your service commitments. The only way your file transfer infrastructure can meet your evolving business demands is if it lets you see data everywhere in the network. Next step Evaluate your file transfer operations. How ready is your file transfer infrastructure to meet today s business demands? The only way your file transfer infrastructure can meet your evolving business demands is if it lets you see data everywhere in the network. Because your organization s business processes reach across a vast network within and beyond your four walls, data sharing plays an integral role in your company s success. Existing enterprise applications, like enterprise resource planning and departmental FTP servers, enable these processes. However, you must evaluate the impact and the cost that unmanaged file transfers place on your business. Begin by answering these questions: Do you have business processes based on rapidly recurring file transfers at predictable or unpredictable intervals? Do you have business processes that depend on the transfer of especially large files that often exceed a gigabyte in size? Do you have business processes that rely on the transfer of data among hundreds or thousands of partners or customers? 3

Do you have multiple lines of business using different, disparate applications? Can those applications effectively exchange data to enable seamless business processes? Do you face corporate or regulatory mandates that require you to track and monitor data transfers? Can you generate the reports those mandates require? Do you want to make IT more strategic to the organization? Do you wonder whether your enterprise data transfers are secure and working correctly? Answering yes to any of these questions underscores the need to act quickly to improve your file transfer operations to better prove compliance with government regulations, secure the data and the network, manage the increasing volumes of data and meet service level agreements. Your answers to the following two questions may very well define how fast you must act: How much revenue does your company lose if it takes weeks or months to extend strategic multi-enterprise business processes to new partners or customers? How long do you want other departments within your company to continue establishing and using rogue systems to enable file transfer? Help ensure security-rich, reliable data movement with solutions from IBM. You need to act quickly to improve your file transfer operations to better prove compliance with government regulations, secure the data and the network, manage the increasing volumes of data and meet service level agreements. For example, deploying IBM Sterling Connect:Direct supports your efforts to comply with government regulations and to safeguard the data that moves across your network. And IBM Sterling Control Center gives you the visibility you need to better manage data and proactively manage to service level agreements. IBM knows file transfer. Our solutions span from managed file transfer all the way to B2B collaboration. We can better help you establish enterprise-wide control over your data transfer processes. Our products provide the visibility and tools necessary to help ensure that data is safeguarded; its delivery is reliable and auditable, and the file transfer infrastructure can better accommodate your growing volumes. IBM can help enable your company to meet today s business demands and provide a solid foundation to meet those of tomorrow. Secure file transfer solutions from IBM establish enterprisewide control over your data transfer processes. The IBM Sterling Connect family of products provides the visibility and tools necessary to help ensure that data is safe-guarded, its delivery is reliable and auditable, and the file transfer infrastructure can better accommodate the growing volumes. 4

Copyright IBM Corporation 2011 IBM Corporation Software Group Route 100 Somers, NY 10589 Produced in the United States of America July 2011 All Rights Reserved IBM, the IBM logo, ibm.com and Sterling Commerce are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol ( or ), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the web at Copyright and trademark information at www.ibm.com/ legal/copytrade.shtml. The information contained in this publication is provided for informational purposes only. While efforts were made to verify the completeness and accuracy of the information contained in this publication, it is provided AS IS without warranty of any kind, express or implied. In addition, this information is based on IBM s current product plans and strategy, which are subject to change by IBM without notice. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, this publication or any other materials. Nothing contained in this publication is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in this publication to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in this presentation may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. Nothing contained in these materials is intended to, nor shall have the effect of, stating or implying that any activities undertaken by you will result in any specific sales, revenue growth, savings or other results. Please Recycle ZZW03064-USEN-00