Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Managed File Transfer: Insights and Best Practices Steven Jordan Director, Supply Chain Solutions.

Similar presentations


Presentation on theme: "1 Managed File Transfer: Insights and Best Practices Steven Jordan Director, Supply Chain Solutions."— Presentation transcript:

1 1 Managed File Transfer: Insights and Best Practices Steven Jordan Director, Supply Chain Solutions

2 Agenda Axway Overview Context: a brief history of file transfer Managed File Transfer Overview File Transfer Patterns Best Practice Approach Q&A

3 About Axway Serve 11,000+ Customers Globally 1,700 Employees Global Company -- key US offices in Phoenix, AZ Redwood City, CA 31 US security patents / 15+ years of R&D Acknowledged Innovator and leader Leaders Quadrant – Gartner Managed File Transfer (MFT) Leaders Quadrant – Gartner Business to Business Integration (B2Bi) Leaders Quadrant – Gartner Email Encryption Customers Multi-Nationals Government Financial Services Fortune 500

4 | © 2010 Axway | All rights reserved. 4 A Brief History of File Transfer

5 A Data Driven World Over 80% of all business and organizational information is exchanged via files File Size Confidential / Critical Low High 0 MB10 MB100+ GB1 GB Legal Contracts Legal Contracts Image / Media Source Code / Software CAD Files Media / Video EDI Funds Transfer Sales Collateral Sales Data Application-to-application (A2A) Credit Card Data Volume, size, type and frequency of data exchange is unpredictable Community Size Structured Person to Person Business to Business System to System Un-structured Small Large © 2009 Axway - Confidential and proprietary. All rights reserved. 5

6 Intellectual Property (IP) Protection IP protection is widespread and costly –An overseas partner pirates a software title and sells it in local stores –A sales manager leaves for a competitor – takes contacts and clients –An employee inadvertently e-mails an M&A term sheet to a wrong e-mail address –A data tape containing retiree data falls of a truck en route to a backup facility – Gartner/AMR Research © 2009 Axway - Confidential and proprietary. All rights reserved. 6  U.S. Department of Commerce estimates that counterfeiting and piracy cost U.S. businesses $250B+ a year  Average cost for data breach is $202 per record, $6.6M per breach, 69% of which is associated with lost business (Ponemon Institute)

7 Files are being transferred everywhere DMZ ftp server Application server Application server Application server External Vendor External Customer Internal User External Partner System Partner System Rogue ftp server ftp SMTP Physical Media

8 FTP – The De Facto Standard Most Common Internet File Transfer Method Client / Server Architecture Client initiates all connections Many Variations Of FTP, (Vendor Customizations) FTP Problems No Encryption User Names and Passwords Are In The Clear No Integrity Checking No Checkpoint Restart No Tracking No Management FTP Scripting

9 | © 2010 Axway | All rights reserved. 9 Managed File Transfer Overview

10 Managed File Transfer ( MFT ) According to Gartner The Gartner “Managed File Transfer Suites: Technology Overview” report identifies a managed file transfer suite as having the following functionality: –Secure Communications: This entails a collection of commonly used protocols and technologies used for transporting and ensuring the authentication, privacy, non-repudiation and authorization of data between two or more entities. –Management: This is the ability to monitor and control the data (regardless of size) throughout the file transfer. –Integration functionality: Adapters or exposed application programming interfaces. –Streaming input /output: This capability enables the MFT Suites to overcome physical hardware limitations and operating environment limitations. –Checkpoint/restart capabilities: This capability lets the user resume incomplete file transfers as a result of interrupted transmissions, accidental or otherwise.

11 Axway 2010 MFT Survey Results Axway interviewed 150+ IT Executives that manage file transfer operations...here are some key findings

12 88% - concerned about violation of security mandates and preventing data loss via human driven data exchange 83% - still use FTP for external data exchange 78% - concerned about internal/external visibility and monitoring of data file exchanges 44% - currently use unmanaged methods for sending files too big for corporate email exchanges Axway 2010 MFT Survey Results

13 | © 2010 Axway | All rights reserved. 13 File Transfer Patterns

14 Application Integration Pattern Internal File Movement Between Systems –Peer-to-Peer / File Bus –Hub and Spoke Automated and Process Driven Centralized Governance Multi-Platform Considerations Do you have visibility to the data? (i.e., more than system monitoring) Are your internal systems secured? (at a minimum  no FTP)

15 Business to Business (B2B) Pattern Connecting with other organizations –Standards driven –Context aware Community and partner lifecycle management are essential Automated and process driven Flexible security Often requires data services –Validation –Transformation –Routing Are your current tools able to address your needs? Do you have the business involved to help manage your trading community?

16 Multi-Site Integration Pattern File movement between systems across sites (hub/spoke or peer to peer) Centralized governance and site management Automated and process driven Broadcast/Collect Multi-platform considerations Deploy and manage multiple connections (efficiently) Automate, Automate, Automate

17 Portal File Services Pattern Connecting the human web experience and MFT Web portal exposing a business service User access and management (LDAP/AD, SSO, On-boarding) Transparent integration with end user workflow and backend systems More than ease of use (secure and efficient file exchange beyond the portal) Seamless and complete integration (no hops, batching, or queuing)

18 Ad-Hoc File Transfer Pattern Unplanned processes between humans Two models –Repository based (persistence for sharing) –Recipient based (targeted to individual or group) User access and management –LDAP/AD –SSO –On-boarding Policy based control of file access and transfer Can you audit and govern H2S/H2H exchange? (controlling the humans is a must!) Define security up front and stand your ground

19 Humans Systems File Transfer Patterns 1. Application Integration 2. Multi-Site Integration 3. B2B4. Portal File Transfers5. Ad hoc & email Automated Interactive Security / Visibility / Governance

20 | © 2010 Axway | All rights reserved. 20 MFT Best Practices

21 Centralize via a MFT Gateway | © 2009 Axway | All rights reserved. 21 Corporate Network HTTP/S FTP/S SSHFTP EDIINT DMZ Mainframe Other Windows Customer Self Service Internet UNIX MFT Gateway 1.Close gaps to the external 2.Set priorities beyond consolidation 3.Stage the scope of pattern coverage 4.Rollout effort based on needs Edge Server Web Server

22 Optimize B2B and Internal Integration | © 2009 Axway | All rights reserved. 22 Corporate Network HTTP/S FTP/S SSHFTP EDIINT Mainframe Other Windows Customer Self Service Internet UNIX MFT Gateway Application Integration Business to Business Edge Server Web Server DMZ

23 Extend Internal File Exchange | © 2009 Axway | All rights reserved. 23 Corporate Network HTTP/S FTP/S SSHFTP EDIINT Mainframe Other Windows Customer Self Service Internet UNIX MFT Gateway Application Integration Business to Business T T T T T T T T Multi-Site Integration Edge Server Web Server DMZ

24 Cover The Human Element | © 2009 Axway | All rights reserved. 24 Corporate Network HTTP/S FTP/S SSHFTP EDIINT Edge Server Mainframe Other Windows Customer Self Service Web Server T T T T T T T T Ad-Hoc File Transfer Internet UNIX MFT Gateway Multi-Site Integration Application Integration Portal File Services Business to Business DMZ

25 Managing Your File Transfer Patterns Scope out growth and complexity of data framework –Define and prioritize critical ‘exchange relationships’ –S2S, B2B, A2A, P2P, B2P, B2C, etc. Quantify and qualify data content relationships –Outline support for business types, groups, or departments –Update compliance to standards and regulations Account for risk factors –Consider both external and internal security event paths –Identify the risk types (data loss, intellectual property theft, data privacy breach, compliance violations, etc.) Set realistic coverage objectives –What level? –How comprehensive or complex? © 2009 Axway - Confidential and proprietary. All rights reserved. 25

26 Questions/Discussion For more information visit: www.axway.com


Download ppt "1 Managed File Transfer: Insights and Best Practices Steven Jordan Director, Supply Chain Solutions."

Similar presentations


Ads by Google