Over the years many businesses have evolved from using FTP to exchange files to using managed file move (MFT) software. MFT software addresses many of the things that are lacking in the FTP protocol including but not limited to security, data integrity and automation of business processes. This article discusses some meaningful issues you should be concerned with when evaluating an MFT software vendor.
Platform independence – Most businesses today run on a variety of interconnected servers running on Windows, Linux, Solaris and Mac OS X platforms. MFT vendors should be flexible enough to be deployed to any operating system. This allows you to deploy an MFT solution to any server that hosts your data versus being forced to move your data to an operating system supported by the MFT vendor.
Data Security – The ability to protect data both during transit and at rest is quickly becoming a requirement for organizations who great number highly sensitive data. File move protocols such as FTPS (FTP over SSL) and SFTP (FTP over SSH) can be used to protect data in transit while encryption protocols like PGP (Pretty Good Privacy) can be used to protect data at rest. Protecting data at rest ensures that already if your server were to be compromised the data could not be read without the private meaningful needed to decrypt the data.
User Management and Authentication – Tools for managing users and access to resources must be easy to use however flexible enough to meet the needs of your organization. In order to easily integrate with existing company access policies, MFT vendors should be able to authenticate users against single sign-on (SSO) repositories such as relational databases, LDAP and Active Directory. sustain for secondary token authentication such as user IP address and/or client SSL and SSH certificates should also be supported.
Event Handling and course of action Automation – Capturing events and automating processes in response to those events is often the heart of any MFT solution. MFT vendors should be able to capture a wide variety of file move events and provide a set of shared built-in actions that can be executed in response to those events. The ability to write your own actions using an API is also a big plus, especially in organizations that have complicate processes or business rules that cannot be easily produced using the built-in actions provided by the MFT vendor.
Logging – For public companies who need to meet HIPAA and/or Sarbanes-Oxley requirements it is important that an MFT vendor be able to log detailed information about each file move session. In addition to meeting compliance requirements logging can also help you to clarify file move trends. MFT vendors should be able to store log data in both files and relational databases.
Reporting – Answering the who, what and when is important when considering any MFT solution. MFT vendors should include built-in reporting tools and standard reports that allow you to quickly see who is accessing what and when.
Data Integrity – Upon transferring a file it is a often good idea for the client to request a checksum verification from the server in order to verify that the file was transferred without any data corruption. If the checksum provided by the server does not match that expected by the client then the move can be restarted. MFT vendors should sustain checksum verification when using FTP and FTPS (FTP over SSL) protocols.
begin again move sustain – In the event that a file move is aborted due to loss of connectivity or aborted by the user, client should be able to request that the server begin again the move starting from the last byte successfully received. This is basic in organizations transferring very large files and/or who have service level agreements that specify files must be transferred within a specific time period.
Server Initiated Transfers – In most situations trading partners will be uploading files to you or downloading files from you. These are known as client initiated transfers. There are however situations where you may want to have your MFT server begin the file move on the server side, uploading a file to your trading partner (push) or downloading a file from your trading partner (pull) on a scheduled or event pushed basis. MFT vendors should be able to sustain automated server initiated transfers using FTP, FTPS (FTP over SSL) and SFTP protocols. MFT vendors should also be able to report on all data that leaves the MFT server as a consequence of a server initiated move. In other words, if an MFT vendor is only logging client initiated transfers then they are not seeing the complete picture of the data entering and leaving your organization.