Managed File Transfer
Encyclopedia
Managed file transfer refers to software solutions that facilitate the secure transfer of data, in flight and at rest, from one computer to another through a network (e.g., the Internet). MFT solutions are often built to support the FTP network protocol. However, the term specifically describes solutions that remedy the disadvantages associated with FTP.
Typically, MFT offers a higher level of security and control than FTP. Features include reporting (e.g., notification of successful file transfers), non-repudiation
, auditability, global visibility, automation of file transfer-related activities and processes, end-to-end security, and performance metrics/monitoring.
MFT applications are available as both licensed software packages and SaaS
solutions. Some are specially designed for enterprise use while others are for sale to individual consumers. A few enterprise-focused SaaS MFT providers also manage the additions of new trading partners, which can free up a lot of IT resources.
MFT Solutions are characterized by having all or most of the following features:
This practice is changing, however. According to Gartner Research, "Organizations often use MFT solutions to replace FTP. This is due to increased focus on
compliance, privacy regulations and corporate transparency — which demand increased auditing,
management, security and process.
, auditability, global visibility, automation of file transfer-related activities and processes, end-to-end security, and performance metrics/monitoring- the way it is used has a major impact on the nature of the appropriate solution. Today analysts and experts agree on 6 different usage patterns for MFT:
All are defined by their own markers and require different solutions.
Challenges for MFT systems include:
Typically, MFT offers a higher level of security and control than FTP. Features include reporting (e.g., notification of successful file transfers), non-repudiation
Non-repudiation
Non-repudiation refers to a state of affairs where the purported maker of a statement will not be able to successfully challenge the validity of the statement or contract. The term is often seen in a legal setting wherein the authenticity of a signature is being challenged...
, auditability, global visibility, automation of file transfer-related activities and processes, end-to-end security, and performance metrics/monitoring.
MFT applications are available as both licensed software packages and SaaS
Saas
SAAS is an abbreviation for* Social Accountability Accreditation Services* Software as a service * Student Awards Agency for Scotland* Seattle Academy of Arts and Sciences* South Australian Ambulance Service...
solutions. Some are specially designed for enterprise use while others are for sale to individual consumers. A few enterprise-focused SaaS MFT providers also manage the additions of new trading partners, which can free up a lot of IT resources.
MFT Solutions are characterized by having all or most of the following features:
- Support multiple file transfer protocols including FTP/S, SFTPSSH file transfer protocolIn computing, the SSH File Transfer Protocol is a network protocol that provides file access, file transfer, and file management functionality over any reliable data stream...
, SCPSecure copySecure Copy or SCP is a means of securely transferring computer files between a local and a remote host or between two remote hosts. It is based on the Secure Shell protocol....
, AS2AS2AS2 is a specification about how to transport data securely and reliably over the Internet. Security is achieved by using digital certificates and encryption.- AS2 Technical Overview :The AS2 protocol is based on HTTP and S/MIME...
, and HTTP/S. - Securely transfer files over public and private networks using encrypted file transfer protocols.
- Securely store files using multiple data encryption methods
- Automate file transfer processes between trading partners and exchanges including detection and handling of failed file transfers.
- Authenticate users against existing user repositories such as LDAP and Active Directory
- Integrate to existing applications using documented API
- Generate detailed reports on user and file transfer activity.
Background
From its inception, FTP has made moving large volumes of bulk data between any two entities—including file servers, applications, and trading partners—possible. However, FTP (and other communication protocols such as HTTP and SMTP) do not, on their own, provide a way to secure or manage the payload or the transmission. Yet, regardless of the lack of security and management capabilities, many companies have continued to transport large batches of structured and unstructured data using these protocols.This practice is changing, however. According to Gartner Research, "Organizations often use MFT solutions to replace FTP. This is due to increased focus on
compliance, privacy regulations and corporate transparency — which demand increased auditing,
management, security and process.
Different flavors
While Managed File Transfer always recovers the same features -reporting (e.g., notification of successful file transfers), non-repudiationNon-repudiation
Non-repudiation refers to a state of affairs where the purported maker of a statement will not be able to successfully challenge the validity of the statement or contract. The term is often seen in a legal setting wherein the authenticity of a signature is being challenged...
, auditability, global visibility, automation of file transfer-related activities and processes, end-to-end security, and performance metrics/monitoring- the way it is used has a major impact on the nature of the appropriate solution. Today analysts and experts agree on 6 different usage patterns for MFT:
- Ad Hoc
- Accelerated Transfer or "Extreme" Transfer
- A2A
- B2B
- Cloud
- SOA
All are defined by their own markers and require different solutions.
Future
As more and more companies realize that FTP is not an option for secure file transfer, Managed File Transfer is beginning to be perceived as a necessity, not an option.Challenges for MFT systems include:
- adaptability to the wide variety of business and technical requirements for file transfers within a wide variety of organizations
- scalability: the ability for the capacity of MFT systems to expand along with an organization's growth
- SAAS model adaptability