There has been an increased buzz around what Managed File Transfer is and how it improves security, speed, and manageability of moving large files. This talk is drawing the attention of an increasing number of business executives and managers, often unfamiliar with this term. If this is applies to you, continue to read.

As defined by Gartner:

“Managed file transfer software and services enable users to manage and monitor file transfers within and between organizations.”

In its most simple form, MFT provides performance enhancements at a bare minimum to these four areas listed below:

Large Files and volumes of files can be sent effortlessly using MFT solutions, and often with little or no downtime, a far improved alternative to traditional file transfer solutions, such as FTP. Some MFT solutions, like Thru, allow users to send files or folders of any size, removing the hassle of using complicated and time consuming FTP solutions or email servers that are unable to handle large files.

Security comes in the form of encrypting data in transit and at rest, which is just one aspect often necessary to achieve compliance both for internal and external stakeholders. Auditability is another feature; MFT ensures all actions that have taken place on all files are securely stored for reporting purposes. Furthermore, MFT comes with authorization policies which grant users different levels of clearance to files which can be accessed or transferred. For Cloud MFT solutions, features like datacenter and network security including firewall and intrusion protection devices may be provided. Backup, redundancy, and disaster recovery may be ensured by the use of multiple servers across geographical locations. There are a plethora of other security features available and features continue to accumulate rapidly.

Management is provided in the form of functionality such as monitoring, visibility, scheduling, and reporting. Monitoring allows the tracking of messages, files and transactions, enabling operations such as notifications whenever files are downloaded. Visibility gives insight into existing file transfers, processes, systems, and people who interact with messages and files. MFT solutions can also allow for schedule transfers to be done automatically in the future, as well as detailed or summarized reporting, all from one centralized location.

Integration with third party applications enables MFT solutions to be implemented with little or no change in workflow. Examples of such applications are email clients like Microsoft Outlook, Lotus Notes or CRMs like Salesforce.com, as well as many other applications through Web Services API.

“Elliott Greenleaf & Siedzikowski has sued a former partner and his new firm, Stevens & Lee, for allegedly installing software on Elliott Greenleaf’s computers that allows the partner to have continued access to the firm’s files in the “cloud.”

The article describes how users took advantage of DropBox’s ability to be installed on any computer and consequently under the radar of IT, whereby a link was created to steal data from a former employer. This was achieved by using DropBox to synchronize files from the internal network and making these accessible outside the firewall. In this particular case it meant, “secured” files were made accessible to employees after leaving the firm. According to the article, this was not done by mistake, but with intent. The problem described here is not whether DropBox is secure or not, it’s how “consumer” file transfer solutions can potentially be misused or mismanaged within corporate walls. Unauthorized file transfer solutions are counter-productive to any compliance and governance efforts. How does IT counteract this trend, whether installed with or without intent?

To prevent cases like the one mentioned above, organizations concerned with data security and compliance need to monitor all file transfers in and out of the organization, have a full audit trail of all files communicated, and incorporate governance of file transfers as an ongoing program.

Unfortunately, “consumer” file transfers solutions are everywhere. When working for Gartner, clients told me they typically had as many as three to four “consumer” file transfer solutions installed across the business. The explanation was often the same, file transfer had flown under the radar and more often than not IT had not been proactive with business user’s demands for alternatives to existing FTP and Scripts.

IT is now playing catch-up to get a grip with the consumer based file transfer solutions, which is why IT increasingly sees file transfer as an essential part of center of excellence (COE) for integration, Integration Competency Center (ICC), Service-oriented architecture (SOA) or Business process management (BPM) initiatives. This is done to bring governance back to file sharing and under the control of IT.

Why is Thru different from other file transfer solutions? Thru only sells to enterprises and does not offer any consumer services, free or paid. We don’t fly under the radar of IT; we work with IT and have done so for over 10 years, integrating into existing monitoring tools and policies. Thru’s Managed File Transfer solution enables enterprises with the security and governance needed, furthermore providing business users with an easy to use, alternative solution, with no changes in workflow.

Today many organizations still rely on traditional File Transfer Protocol (FTP) servers to circumvent email size limitations. These legacy systems do not offer any central visibility or provide a unified, integrated solution for all internal and external file transfers, placing a continuous burden on IT personnel. Additionally, business users do not have visibility into the file sharing process such as attempts to add external recipient(s) and tracking of non-repudiation.

Typically multiple FTP servers are utilized for dedicated internal and external communication due to security concerns or firewall limitations. In these cases business users need IT assistance to facilitate transfers from internal FTP servers to external users. Due to these additional implementations, IT organizations also have to spend more time on troubleshooting and testing systems, often investigating multiple FTP and scripts. The burden on IT is particularly heavy when file transfers are part of workflows which traverse multiple operating environments, transfer partners, or are embedded in the implementation of a Service Oriented Architecture (SOA) service. This overhead in combination with an increased focus on compliance and regulations prompts organizations to look at new ways and technologies to govern file transfers, often due to a combination of the above use cases.

For more on this topic, and the limitations of other methods currently used to transfer files, register to download our free white paper, “Extend Your Corporate Email Investment – Effortlessly Send/Receive Large Files”

Feds Shutter Megaupload, Arrest Executives

Megaupload was based on a consumerization model, aka freemium service. This is where a vendor supports “free” users, working to convert the “free” users into paying customers.  By offering a freemium model, the task of governing millions of users and what they upload & download is simply impossible, not to mention costly.

What we have seen is that the easy accessibility of these types of services becomes very attractive to a large percentage of the population and will often creep into the corporate environment.  According to The Application Usage and Risk Report by Palo Alto Networks, which monitored a week’s worth of traffic at 1,636 medium to large size businesses around the world, Megaupload traffic was found on 57% of corporate networks and Dropbox was being used at 76% of these organizations. These unsanctioned file sharing applications, which bypass security policies and use vast amounts of corporate bandwidth, are not going away until enterprises incorporate efficient and secure ways to allow their non-technical staff members and external partners to communicate.   Executives need to be concerned that once these types of unregulated systems, using a platform with millions of users, creep into the corporate environment, organizations are opening themselves up to huge security risks.

Megaupload, Dropbox, and Box.net all have their place in the “consumer” world, but were they built to accommodate the critical business and security requirements of the enterprise?  If you are one of the medium to large size businesses that have seen freemium services creep into your network, then it’s time to consider a service that was built solely to meet enterprise needs, a secure managed file transfer solution that can directly integrate with your email infrastructure or CRM system allowing non-technical staff members and external partners to communicate directly.  It’s time to consider Thru, Inc.

At Lotusphere 2012, we are excited to sponsor the Nerd Girls’ Great Geek Challenge.  This year’s event promises to be another fun and challenging evening as both nerd girls and boys come out and test their knowledge while enjoying food and drinks.  There is no need to register, just show up at the Fountain Restaurant in the Dolphin Hotel on Tuesday, January 17th before 8PM to enter your name into the drawing for the $200 Amazon Gift Certificate and secure your seat at a geek table.  Our own nerd boy, John Herr (who spent New Year’s Eve watching a marathon of the Big Bang Theory), will be at the event representing Thru, Inc.  We look forward to seeing if he has what it takes to win the trophy for Lotusphere’s Greatest Geek.

Thru, Inc. is the first cloud-based managed file transfer solution provider, with direct integration into the Lotus Notes environment so users can send and manage unlimited size files directly through their email client. We are now offering a free 30 day trial for folks attending Lotusphere–register today.

Earlier this year Bitcurrent–an analyst firm focusing on emerging technologies and how to put them to work–released a survey which provides some insight into why companies (of various sizes) are adopting the cloud.  The survey was not comprehensive, but provides some interesting points and coincides with what Thru, Inc. is seeing with regards to why organizations are moving their electronic file management and file transfers to the cloud.

In the managed file transfer market (closely aligned to the survey) Thru is seeing that most of the companies we engage with are moving to the cloud because of its elasticity, quick deployment time, and lower costs.   Furthermore, we are seeing that companies with globally dispersed teams and worldwide partners are adopting cloud solutions the fastest, closely followed by companies that want to send and receive documents with guaranteed instant distribution and legal-grade, tamper-proof evidence of delivery.

The year 2011 was the cloud’s boiling point, as IT departments and management teams began to clearly understand the advantageous of computing as a service.  In 2012 the masses will begin to integrate cloud computing into their corporate infrastructure.

I keep reading about managed file transfer (MFT) vendors adding new features–the latest ones include:  antivirus, the ability for customers to upload/download over 2 gigabytes from any Web browser, analytics with reporting, and better security.  Several claim to be the first to introduce these features, but Thru’s cloud-based managed file transfer solution, for the enterprise, was built on these features ten years ago.

• Take antivirus, Thru has been using Symantec for years to secure files sent and received by anyone using the Thru Cloud (incidentally, it is a “true Cloud” solution). Thru can also plug-in to any antivirus solution, by the request of a customer, it is part of the design.
• 2GB upload and download in the browser, not a problem.  Thru has been doing this for years–in fact several terabytes can be moved as there no limit on file sizes using Thru.
• Analytics: Thru is a 100% database driven application, meaning anything that takes place is logged and can be reported on to meet compliance regulations.
• Security is core to the Thru platform, which is why we invest in SAS 70 II data centers, ISO 9001:2008 and ISO/IEC 27001:2005 certifications. Three factor access control (fingerprint, access card and PIN) and 24 x 7 x 365 CCTV- Tier III+ fully redundant infrastructure to ensure no single point of failure and business continuity.
• Data-at-rest encryption – Microsoft EFS is used for encrypting data at rest using AES, SHA, and ECC cryptographic algorithms compliant with Suite B encryption requirements as defined by the National Security Agency to meet the needs of United States government agencies for protecting classified information.
• End-to-end SSL encryption – for HTTP and FTP data transfer: 3DES for transport encryption with AES-256 client browsers support. SHA-1 hash function.
• Advanced Integration - Integration with Active Directory and secure Single Sign-On (SSO).
• Database isolation for each deployed instance of Thru services – Each Thru instance can run in a standalone environment to isolate all documents and related database information.
• Storage in a virtualized file management system – Storage which can only be accessed by the application layer.
• FIPS 140-2 certified.

Thru is a platform so all of its features are available through the API allowing flexible alternatives for administrators and developers to embed custom functionality into any application.

Having participated in several Gartner conferences over the years, as a Gartner Analyst covering Managed File Transfer (MFT), I am very familiar with Gartner research and trends. While working for Gartner I have seen the Cloud evolve from a curious little topic, covered by a handful of analysts, to a fully-recognizable and viable global resolution included by all analysts in their research agenda. However, in the years from inception, one trend has always remained: skeptics among the audience, regardless of what analysts and the industry are saying.

Having jumped to the dark side (the “official” jargon used for anyone from Gartner moving to the vendor side), I found myself in a situation where I knew “everyone” attending the event, but at the same time being someone on the outside looking in.  This provided me with a unique opportunity to connect with clients in a different way and get closer to what was happening on the grass-root level.

In previous years, the analysts have been telling clients to consider and possible embrace the Cloud, because it makes sense from a scalability and cost perspective.  The key difference I noticed this year, was the amount of clients requesting the Cloud for various projects including:  CRM, Cloud Services Brokerage (CSB), ERP, traditional B2B integration, SOA and more.  Attending a few case studies and tracks where both analysts and clients talked about some of the benefits of the Cloud, some interesting points arose:

• By using the Cloud an organization can focus on business processes and less on IT
• We wanted a dial tone (something that always works), so we turned to the Cloud
• Cloud Services Brokerage (CSB) is emerging as a viable solution for clients to connect–not only for B2B and different Cloud providers but also for A2A
• CSB is seen as a viable alternative to Mega Vendors–both ultimately provide one integrated solution
• Managed File Transfer (MFT) is increasingly used in Cloud-to-Cloud and on-premises to Cloud Integration scenarios.
• Ad-Hoc MFT was hugely popular

Yes, just as in year’s past, there were some skeptics at last week’s Gartner Application Architecture, Development & Integration Summit, but it was amazing that the majority of attendees were finally embracing the Cloud.

More and more businesses are embracing cloud computing as a way to enhance their business processes, reduce time to revenue, and deliver new services more effectively. Business users are adopting the cloud 4 to 5 times faster than their IT departments – in a survey conducted by Avanade earlier this year, of 573 C-level executive and business unit leader respondents, 20% said they had actually gone around their IT department to provision cloud services. In addition, 61% said it was easier to provision the services themselves, and 50% said it takes too long to go through IT. KPMG also conducted a survey in which 80 percent of respondents said the switch to Cloud was driven by efforts to improve processes, offering more agility across the enterprise.

For applications from customer communication management, to electronic software distribution, to secure statement delivery and project management, the cloud is brilliant. The flexibility and scalability the cloud brings to content delivery and file management, along with transparent integration with today’s email and customer relationship management systems, allows business users to expand and optimize their business processes without changing existing workflows. As business leaders continue to translate their business strategies to IT, the cloud will unquestionably be adopted by IT departments to fully support the organizations’ business requirements.

If you are attending this year’s Gartner Application Architecture, Development & Integration (AADI) Summit in Las Vegas, November 29-December 2, please stop by our booth NN to learn more about Thru’s innovative cloud-based services and solutions.