Archive for May, 2011

Driving Securely Through “The Cloud ”

Posted by on Monday, 23 May, 2011

The Cloud“Cloud Computing” is not for everything and not for everyone, but it has made a permanent mark in the lexicon of technology services.

What is Cloud Computing?

In simplistic terms, the Cloud is any application, file host, or virtual computer that is accessed solely via the Internet. The hardware and software actually running those services could be anywhere and therefore is referred to as being in “the Cloud.” The Cloud originally was the graphic reference for the Internet in a corporation’s network diagram, but now it refers to the services available via the Internet.

Security Concerns in the Cloud

Security professionals have always had concerns over remote file hosting sites (FHSs) and the recent Tech News about services like RapidShare and Dropbox came to light this week confirmed some of those concerns. Data security in the cloud is like a verbal agreement – as good as the paper it’s written on. Yet the general public and some individuals in large corporations flock to these services daily – completely unaware of the security risks or understanding how “The Cloud” works. Personally Identifiable Information and other sensitive data is floating around and often falls out of the cloud, landing in the wrong hands.

Regardless of the encryption or security practices professed by a Cloud provider, once the data leaves your network, you no longer own, control, or are able to audit that data. In the case of a subpoena at a data center, a cyber attack or when a device is stolen from a Cloud host, that data has been compromised.

There are great advantages and cost-savings to using Cloud based options to accomplish certain business goals. Renting processing time and applications can work out to a lower Total Cost of Ownership, but beaware of the strings attached. I have taken many applications for test-drives in the Cloud, but when I am responsible for transferring sensitive data on which my employer’s integrity and liability are on the line, I prefer using a secure managed file transfer product to drive through the Cloud.

A Secure File Transfer Solution

Connections that are configured correctly will securely send and retrieve files that meet or exceed compliance requirements. The GoAnywhere managed file transfer solution easily encrypts, securely sends and processes data over your existing Internet connection. The GoAnywhere Director automated file transfer application also securely transforms data between platforms and provides native XML scripting.

Subscribe to this Blog for the next installment: Fuel Efficient Hybrid-Clouds and Going Green with Server Virtualization.


Managed File Transfer Streamlines HIPAA/HITECH Complexity

Posted by on Monday, 9 May, 2011

Managed File Transfer (MFT) systems are great for policy enforcement, access authentication, risk reduction, and more. But for HIPAA and HITECH requirements, MFT shines as a work-flow automation tool.

MFT as the B2B Enabler

It shines because Managed File Transfer systems are actually automation platforms that can help companies streamline the secure transfer of data between business partners. How? It removes many of the configuration steps traditionally required for complex Business-to-Business (B2B) processes, keeping it straightforward and manageable.

Transferring patient information is a difficult challenge which many healthcare institutions are facing. Data standards were supposed to simplify this communication between healthcare institutions and their partners. But ask any technical professional about the underlying variability of data formats, and you’ll hear a tale of potential confusion and complexity.

Nightmares of Compliance

The HITECH regulations within HIPAA require the security and privacy of healthcare records, strongly suggesting the use of data encryption. These records may travel between various healthcare-related partners including hospitals, clinics, payment processors and insurers. Each partner may require their own unique data format, and each may prefer a different encryption technique or transport protocol.

Considering these differing requirements, adding each new trading partner has traditionally needed the attention of in-house programming or manual processes, which has become hugely inefficient. Furthermore, if the new trading partner is not implemented properly, this can also create the potential for errors that may lead to data exposures. Any exposures could move the healthcare institution out of HIPAA/HITECH compliance and may cost them severely.

Simplifying and Integrating Information Transfer

A Managed File Transfer (MFT) solution can significantly reduce the potential for errors and automate those processes. With a good MFT solution, any authorized personnel should be able to quickly build transfer configurations for each healthcare business partner. This should allow for quick selection of strong encryption methods (e.g. Open PGP, SFTP, FTPS, HTTPS) based on the partner’s requirements, so that HITECH requirements are maintained. At the same time, a MFT solution creates a visible audit trail to ensure that compliance is sustained.

But, perhaps just as important, a good Managed File Transfer solution is constructed as a modular tool that can be easily integrated into existing software suites and workflow processes. In fact, a good MFT is like a plug-able transfer platform that brings the variability of all kinds of B2B communications under real management.

Now extend the MFT concept beyond the healthcare business sector, into manufacturing, finance, distribution, etc. Suddenly MFT isn’t a niche’ utility, but a productivity and automation tool that has myriad uses in multiple B2B environments.

A Day-to-day Technical Solution

Perhaps this is why the Gartner Group has identified Managed File Transfer as one of the key technologies that will propel businesses in the coming years. It’s more than just a utility suite: It’s a system that can be utilized over and over as an integral part of an organization’s solutions to automate and secure B2B relationships. In other words, MFT isn’t just for specialized compliance requirements, but a lynch-pin of efficient B2B communications technology that can bring real cost savings to every organization.

Healthcare Case Study Utilizing a MFT Solution: Bristol Hospital Takes No Risks with Sensitive Data

Thomas Stockwell

Thomas M. Stockwell is one of Linoma Software's subject matter experts and a top blogger in the industry. He is Principle Analyst at IT Incendiary, with more than 20 years of experience in IT as a Systems Analyst, Engineer, and IS Director.

More Posts - Website

1.800.949.4696  |  sales@linomasoftware.com  |  privacy policy
Copyright ©1994 - 2012 Linoma Software  |  All rights reserved