Working in the Cloud: How to Secure Large File Exchange
Exchanging files – it sounds so easy. But if you look at the multitude of file exchange activities in a typical organization today you’ll begin to understand the challenge.
First, there’s size.
Typical email configurations restrict attachment sizes to 20MB or less, which is not realistic to the actual size of files being sent today – In the past exchanging a 20 MB file was uncommon – today our clients are sharing files well over 100 MB on a regular basis – to recipients around the globe.
This leads to yet another issue – performance. Email was never designed to handle extremely large files, so when it does it often leads to delivery and network performance problems. We’ve all experienced it. You send a message with a large attachment only to get an undelivered message hours, maybe even days later. Today most corporate policies stop you from even attaching files over a certain size at the point of sending.
Leading us to security.
Sharing files using FTP is too ‘technical’ and difficult to use for most customers and in B2C scenarios not at all – it is also a manual process.
Any requests to enable an FTP account requires setting up firewall rules to allow file uploads and downloads as well as security review and approval.
In addition, they lack automated processes like verifications notices. Ask operations to open just a few ports like FTP to allow file transfers – see how many get that approved quickly?
Recent report from Verizon cited 58% of Healthcare PHI data breaches were caused by insiders – 29.5% coming from misuse.
Driving to – Yep – unsupported file sharing services. These solutions have made their way into companies of all sizes. Make no mistake, your users will always follow the path of least resistance. It’s a classic dilemma – an employee, without file sharing options or failed emails, turns to outside solutions, somewhere, so they can ‘efficiently’ share files.
But the tipping point for most – audits. Evolving global regulations – such as GDPR, Dodd-Frank Act – require financial institutions to maintain reports on who accessed what files and when this was done.
By leveraging our encryption platform’s large file portal capabilities, businesses have full control over the large files they need to communicate.
Employees simply login into the secure webmail portal where they attach one or more large files along with an attached note. The files are then encrypted, in the portal, and a notification message continues onto to the recipient including a link to the portal with full audit and recall functionality – allowing users to easily share within corporate governance and company policies.
You can see an example of how this works by watching this short video demonstration.
By Christian Peel, VP Customer Engineering, Echoworx