Over the last month we have written several pieces of content reviewing the differences in the infrastructure, software, and categories of file sharing/file transfer solutions. This blog will be the last installment of this series. In this blog we deep dive into some of the largest security breaches in the file transfer/file sharing industry, the consequences and how to avoid falling victim to a cybersecurity attack. One of the largest growing security threats in business today is data and information security. Protecting your organizations files and other important data from hackers is crucial to business operations. Unfortunately, the damaging effects of a data breach have impacted some of the largest companies in the world like Accellion, AWS, Morgan Stanley, CVS, Wegmans, Microsoft, Facebook, HubSpot and more. On the surface, many of these organizations seemed like they would be impenetrable. The size or nature of your business does not matter. It is more important than ever to protect your information from hackers – specifically enterprise data such as personal identifiable information (PII), personal healthcare information (PHI), payment information, or covered unclassified information (CUI). It is crucial to understand that how this data is sent or shared, stored and received is any organizations biggest threat.
In our last few blog posts, we’ve explored potential options and solutions for file transfer platforms. However, we wanted to specifically emphasize the comparison between MFT (Managed File Transfer)/MFTaaS (Managed File Transfer as a Service) and EFSS (Enterprise File Sync and Share). Some key terms we hear regularly in IT conversations - specifically about data/information or file sharing/transfer - are MFT (Managed File Transfer), MFTaaS (Managed File Transfer as a Service) and EFSS (Enterprise File Sync and Share). Both MFT and EFSS can be implemented on premise, in the public cloud, private cloud, or hybrid cloud, while MFTaaS is marketed as a SaaS option where your organization is procuring the management and software from a vendor such as FTP Today to remove the additional management load of infrastructure, platform, configuration and monitoring from administrators. Additionally, all these solutions are going to be used for transferring or sharing data/information, files, etc. to/from multiple devices, locations, users, organizations, but EFSS stands in contrast to MFT/MFTaaS. An additional concern for IT being burdened with the task of deciding if EFSS or MFT/MFTaaS is the more secure option. This is caused by the rise of external information security regulations and internal increases in security posture requiring more robust cybersecurity defense. There is confusion around the resemblance of these solutions. Can these solutions be used synonymously? When should you use one or the other? Do these solutions do the same thing? We wrote this blog to hopefully clear up some of these questions!
Are you trying to select a new file sharing solution, but you have a few questions first? Explore these common questions about file sharing solutions and find out their answers.
What is File Transfer + File Sharing? File sharing is the practice of sharing or enabling access to digital media, including documents, video files, graphics, etc. Anytime you are moving one or multiple files, documents, etc. from one place to another you are executing a transfer if information! Isn’t this exciting stuff? What is Secure File Transfer + File Sharing? Secure file sharing is the act of sharing information (files, folders, etc.) digitally and securely by protecting this information from unauthorized users, intruders, and other malicious manners. When a business or organization needs to share or transfer confidential information to specific person or group it becomes the utmost importance to ensure you are transferring information and sharing files securely.
Since the beginning of the internet, it’s been necessary for organizations to transfer data from one location to another for processing, to store it for a future purpose, or to share the information with others. The 1’s and 0’s that makeup the data today are the same as when the internet first launched in 1984. But what’s changed? The answer (as you intuitively may have guessed) is almost everything else. As Plato said: “necessity is the mother of invention,” and as we began transferring more and more information around the globe and into our homes and offices, we needed larger, faster networks, and increasingly advanced platforms to accomplish this. We curated this high-level overview to provide a full picture of the infrastructure solutions that exist in the market today and the advantages and risks of each.
When the Department of Defense initially announced version 2.0 of its Cybersecurity Maturity Model Certification (CMMC), it was meant to be good news for small and mid-sized businesses and contractors that work with the United States Military. CMMC 1.0 put a heavy burden on these smaller organizations to create systems and manage controls that they simply didn’t have the in-house resources to create and manage. But planning for the CMMC 2.0 model brings to light just how challenging compliance remains for small- and mid-sized organizations. While CMMC version 2.0 has been framed as less of a burden for smaller businesses and contractors, there’s still a lot of work to be done to reach full compliance.
The U.S. Department of Defense (DoD) manages an annual budget that stretches into the hundreds of billions. Much of that money is spent with the 100,000-plus third-party contractors that participate in the nation’s defense industrial base (DIB). The DoD and these contractors must share files and information, and they must do so in a secure manner — for obvious reasons. Today, the DoD offers DoD SAFE as a portal where DIB contractors and members of the U.S. military can share PII-, PHI-, and CUI-related files securely. But is DoD SAFE the best option for your organization? There are DoD SAFE alternatives that are easier to use while providing a level of security that meets DoD expectations for files that fall into these categories. If you’re one of the many defense-related contractors searching for DoD SAFE alternatives, continue reading to learn more about the history of DoD SAFE and your other options for securely sharing files with the U.S. Military.
The search for a secure file-sharing solution can lead you all over the internet. As moving to the cloud and SaaS applications have grown in importance in the 21st century, so has the ecosystem of Managed File Transfer and online FTP providers and other services that can help with safe, secure file storage and sharing. Files.com and ExaVault are two of the providers you may come across, along with FTP Today. However, the ecosystem has become a little smaller as Files.com just announced that it has acquired ExaVault. This indicates that significant changes are coming over the next 12 months with regard to ExaVault’s application and to its customers, including being migrated to Files.com’s application and pricing. This may leave many of ExaVault’s customers looking for ExaVault alternatives.
File transfer protocol has been around for decades. But FTP as originally conceived was not necessarily a secure way to transfer files between two parties. Things are different today. Organizations that need a secure protocol for transferring files have access to plenty of FTP alternatives that can get the job done. In this post, we will walk through your secure FTP alternatives, and we will also provide guidance on how to set up a secure FTP system for your business. If you have any questions about secure FTP, you can always reach out to us to learn more.
Cybersecurity threats exist all around us, no matter what industries we may work in. The organizations that emphasize computer security best practices are the ones that will succeed at preventing threats from becoming realities. Training in computer security isn’t always handled properly, though. To ensure that your organization is staying safe from cybersecurity threats, here’s a look at computer security best practices for fighting internal and external threats, as well as best practices for keeping data safe from former employees.
By now, all contractors that work with the U.S. Department of Defense should be fully aware of the Cybersecurity Maturity Model Certification (CMMC) 2.0 announcement from November 2021. The CMMC 2.0 announcement included updates to CMMC 1.0 that were designed to enhance cybersecurity protections for all entities in the defense industrial base, or DIB, and also streamline protections for contractors already utilizing the NIST 800-171 framework. While the announcement of last November did provide a glimpse at what the DOD’s requirements might be in the future, Congress has yet to codify those requirements into a law to be followed. Unfortunately, that leaves contractors and others in the DIB in a limbo period where they know that new CMMC requirements are coming — but they don’t know exactly what those requirements will be. We’ve written previously about the proposed CMMC 2.0 framework and what it might require of contractors. Now we’ll address what contractors and others in the DIB can be doing right now during this limbo period to set their organizations up for future success under CMMC 2.0 once codified by law. While there’s a lot of confusion about what can be done presently, it’s best for DIB members to focus first on Level 1 requirements as outlined by the CMMC 2.0 announcement late last year. The following 17 specific practices are required for Level 1 compliance. They represent basic security hygiene that you can implement for your organization: limiting physical access to your facility and systems, securing storage and transport of data, and monitoring your systems usage are good places to start. Also, note that Level 1 compliance is the basis for Level 2 compliance.