“Cloud Computing” is not for everything and not for everyone, but it has made a permanent mark in the lexicon of technology services.

What is Cloud Computing?

In simplistic terms, the Cloud is any application, file host, or virtual computer that is accessed solely via the Internet. The hardware and software actually running those services could be anywhere and therefore is referred to as being in “the Cloud.” The Cloud originally was the graphic reference for the Internet in a corporation’s network diagram, but now it refers to the services available via the Internet.

Security Concerns in the Cloud

Security professionals have always had concerns over remote file hosting sites (FHSs) and the recent Tech News about services like RapidShare and Dropbox came to light this week confirmed some of those concerns. Data security in the cloud is like a verbal agreement – as good as the paper it’s written on. Yet the general public and some individuals in large corporations flock to these services daily – completely unaware of the security risks or understanding how “The Cloud” works. Personally Identifiable Information and other sensitive data is floating around and often falls out of the cloud, landing in the wrong hands.

Regardless of the encryption or security practices professed by a Cloud provider, once the data leaves your network, you no longer own, control, or are able to audit that data. In the case of a subpoena at a data center, a cyber attack or when a device is stolen from a Cloud host, that data has been compromised.

There are great advantages and cost-savings to using Cloud based options to accomplish certain business goals. Renting processing time and applications can work out to a lower Total Cost of Ownership, but beaware of the strings attached. I have taken many applications for test-drives in the Cloud, but when I am responsible for transferring sensitive data on which my employer’s integrity and liability are on the line, I prefer using a secure managed file transfer product to drive through the Cloud.

A Secure File Transfer Solution

Connections that are configured correctly will securely send and retrieve files that meet or exceed compliance requirements. The GoAnywhere managed file transfer solution easily encrypts, securely sends and processes data over your existing Internet connection. The GoAnywhere Director automated file transfer application also securely transforms data between platforms and provides native XML scripting.

Subscribe to this Blog for the next installment: Fuel Efficient Hybrid-Clouds and Going Green with Server Virtualization.

Linoma Software - Staff Writer

Website - More Posts

A data breach is closer than you think. As the percentage of data breaches increase, the risk of organizations losing your sensitive data also increases. No one wants to receive the news that some or all of their personally identifiable information (PII) was stolen. There are people who are victims of various phishing scams, but it is more likely that your information will be leaked or stolen from an organization.

The health care industry is currently in the spotlight, as they are moving to mandated Electronic Health Records (EHR) and the American National Standards Institute (ANSI) is investigating the two main health care related data privacy concerns today: how to protect patient information and what is the financial harm or cost per record if it is stolen.

The numbers are staggering. According to the Privacy Rights Clearinghouse (www.privacyrights.org), there have already been 47 reported leaks or breaches in the health care realm this year. That is about one every other day (102 additional reported breaches if counting business and government).

In the world of data security; breaches are no longer thought of in terms of “if,” but “when.” Fortunately, there are easy steps companies and health care organizations can take to protect the PII that they maintain from direct hacking attempts. The procedures data security companies recommend you acquire begin with the following:

• Require strong passwords
• Use encryption to protect files in motion and at rest
• Reduce the number of computers that process sensitive information
• Audit every transaction
• Limit the number of accounts that can access the critical data

The organization you own or work for doesn’t have to be the next headline, start researching different options to protect your customer’s sensitive data and keep your organization from a possible breach. The fines and surcharges are exponentially higher than purchasing a secure managed file transfer solution or a database encryption tool. Not sure where to start? Read the Top 10 Managed File Transfer Considerations.

Linoma Software - Staff Writer

Website - More Posts

We hear a lot of buzz about protecting both customer and company data, but it is alarming how few IT departments and enterprise users are protecting their data correctly. A recent survey conducted for Oracle reveals that fewer than 30 percent of their respondents are encrypting personally identifiable information.

Data and network security should be the basis for every IT decision, but it is typically an afterthought. The Oracle report also concludes that half of companies surveyed profess a strong commitment to data security, but only 17 percent of them have begun to scratch the surface.

Lack of data security is often due to corporate culture and the fear of change. Most companies at the corporate level agree they are committed to data security and protecting customer records. If a company’s official stance is to protect their data, where are the security holes?

In my experience, the largest security holes exist in the departments outside the core IT organization. They don’t place the same value on the data as the IT Security team. Many companies still allow their employees to perform file transfers directly from their desktops and laptops using FTP or other unsecure tools. Not only are these ad-hoc methods unsecure and capable of exposing passwords or entire databases, they do not all function alike and do not provide centralized logs.

Educating employees about the dangers of unsecured and/or unnecessary data transfer is more business-friendly than preventing it altogether. Part of this process should be moving everyone to a managed file transfer methodology, like Linoma Software’s GoAnywhere Director. This not only secures your data transfers, but it creates a digital paper trail showing where assets are going – something which is of particular importance when you consider all the data security compliance regulations in effect today.

Data security for the millions of files sent over the Internet or within “the cloud” is of great importance to all industries, including health care, retail, banking and finance. Internet transfers include the critical data needed to conduct business, such as customer and order information, EDI documents, financial data, payment information, and employee- and health-related information. Many of these information transfers relate to compliance regulations such as PCI, SOX, HIPAA and HITECH, state privacy laws, or other mandates.

We need to grow a data security culture that includes securing file transfers.

Linoma Software - Staff Writer

Website - More Posts

The new 3.5 release of GoAnywhere Director is now available with more features to help organizations automate, secure and manage file transfers.

In this new release, GoAnywhere Director provides simpler access to files and folders on Network Shares. It can also connect to enterprise Message Queues (e.g. WebSphere MQ) for better integration with customer applications. The new version also includes “File Monitors” which can be used to easily scan for new, modified and/or deleted files in targeted folders. Additionally, this release includes the ability to auto-resume file transfers if FTP and secure FTP connections are broken.

In addition, better High Availability (HA) capabilities allow GoAnywhere Director to store configurations in customer database systems including SQL Server, MySQL and DB2 for IBM I (iSeries). This allows customers to manage and replicate this data using in-house database and HA tools.

I’ll say it again, that of all the tools I have purchased over 28 years in I.T. GoAnywhere Director is my favorite! ~ Don McIntyre, Kansas City, Missouri School District

Read the press release  > >

Linoma Software - Staff Writer

Website - More Posts

FTP was designed as an easy mechanism for exchanging files between computers at a time when networks were new and information security was an immature science. In the 1970s, if you wanted to secure a server from unwanted access, you simply locked the computer room door. User access to data was controlled by the basic User ID and password scenario. (Right is a reminder of how much technology has advanced since the 1970s. The photograph,  taken December 11, 1975, is the Apollo Project CSM Simulator Computers and Consoles. Photo Courtesy of NASA.)

The Internet did not yet exist and the personal computer revolution was still a decade away.

Today, the security of business file transfers is of paramount importance. The exchange of business records between computing systems, between enterprises, and even across international borders has become critical to the global economy.

Yet, the original native FTP facility of TCP/IP wasn’t designed for the requirements of the modern, globally connected enterprise. FTP’s basic security mechanisms – the User ID and password — have long ago been outdated by advances in network sleuthing technologies, hackers, malware, and the proliferation of millions of network-attached users.

Risks associated with using native (standard) FTP include:

• Native FTP does not encrypt data.
• A user’s name and password are transferred in clear text when logging on and can therefore be easily recognized.
• The use of FTP scripts or batch files leaves User IDs and passwords in the open, where they can easily be hacked.
• FTP alone, does not meet compliance regulations. (For example: HIPAA, SOX, State Privacy Laws, etc.)
• When using an FTP connection, the transferred data could “stray” to a remote computer and not arrive at their intended destination leaving your data exposed for third parties or hackers to intercept.
• Conventional FTP does not natively maintain a record of file transfers.

The first step is to examine how FTP is being used in your organization. The next step is to identify how your organization needs to manage and secure everyone’s file transfers. The final step is to evaluate what type of Managed File Transfer Product your company needs.

For more information download our White Paper – Beyond FTP: Securing and Managing File Transfers.

Linoma Software - Staff Writer

Website - More Posts

Achieving and maintaining the IBM Advanced Business Partner level is completely based on product quality and customer satisfaction. IBM assigns their partner levels for ISV’s (independent software vendors), like Linoma Software, on customer feedback.

Linoma Software actively produces five products that run natively on the IBM i (iSeries).

• RPG Toolbox – programming and conversion tool
• Surveyor/400 – an award winning database and file management tool
• Crypto Complete – database encryption suite
• GoAnywhere Director – secure managed file transfer application
• GoAnywhere Services – secure file transfer solution

What is the benefit of Advanced Partnership? Quite simply, Advanced Partners have direct access to resources within IBM. Linoma Software has a direct connection to IBM support, labs and knowledge-base. The Advanced Partnership also provides Linoma Software the ability to test against upcoming software, like the recent i7.1 operating system for IBM i and p systems, before it is released to the public.

Linoma Software is a long-time IBM Advanced Business Partner and is well known for its dedication to high quality software, user-friendly applications, and outstanding technical support. With over 3000 satisfied business customers ranging from small business to Fortune 100, government entities and not-for-profit organizations – Linoma Software provides the same level of expertise to all.

“We work with thirty-plus vendors for all our ‘Power System’ related software, and no one has better technical support staff than Linoma Software. When I call other vendors, I anticipate multiple levels of call routing, and if I’m lucky the person may be able to research a solution. With Linoma’s support team, it’s always been the first person, and they’ve handled the issue with the feel of a practiced hand who recognized my problem and had a solution ready immediately.” Shaun Skelton – Berry Plastics

Linoma Software - Staff Writer

Website - More Posts

Recent posts on this blog have outlined reasons to consider installing a file transfer system that will help streamline productivity and secure the transfer of sensitive documents. We understand that selecting a product can be time consuming. To help you make the most educated decision here are a few more helpful suggestions to consider when selecting a managed file transfer solution.

• Easy to learn and easy to use – The managed file transfer (MFT) system you choose should have an intuitive interface that can be learned quickly. No programming skills should be required. If it isn’t easy to use, end-users and non-IT personnel will shy away from using it.
• Audit trails – The secure file transfer solution should produce comprehensive audit trails of all file transfer activity and support SYSLOG feeds to a central logging server.
• Produces alerts – An automated file transfer solution should be able to send you email alerts or texts instantly when problems occur.
• Password security – The managed file service you choose should not show password values on any screens or logs. Encrypts all passwords that are stored.
• Remote access – The file transfer product allows for remote administration and monitoring of file transfers, preferably through the browser.
• Web site transfers – The file transfer solution needs the ability to support HTTP and HTTPS protocols for transferring data.

A managed file transfer solution can not only save your department time, but it can also save you money. A comprehensive solution will enable you to complete menial tasks and allow your department to concentrate on the larger picture.

Did I mention we have a managed file transfer product…GoAnywhere? GoAnywhere allows organizations to secure and automate the exchange of data with their trading partners, customers, employees and internal systems. Still not sure what you are looking for? We offer a free product trial and we would be happy to schedule a demo to go over how GoAnywhere can help your company.

Related Blog Post: Top 10 Managed File Transfer Considerations

Linoma Software - Staff Writer

Website - More Posts

Before looking for a managed file transfer solution, it is important to determine how data is currently being transferred from your organization. You should find out what users and applications are performing the data transfers, where the source of the data resides, how sensitive the data is, how the data is formatted for the partners and what protocols are used to transmit the information. If the files are encrypted or compressed before transmission, find out what tools and standards are being utilized.

After you’ve done your in-house analysis, then start a search for a secure file transfer solution that best fits your needs. Listed below are the Top 10 managed file transfer considerations.

1. Platform Openness – To reduce the points of connection to sensitive data and reduce the risk of exposure to those without a need-to-know the MFT solution should be installed on the server operating system where the sensitive data and applications reside. If your corporate data mostly resides on the IBM i, then it would make sense to get a MFT solution that runs on the IBM i.

2. Authorization Controls – To meet many compliance regulations, the MFT solution must provide role based access to limit user access to certain servers or MFT functions based on user credentials.

3. Secure FTP – Plain FTP is not secure. The MFT solution must support both SFTP (FTP over SSH) and FTPS (FTP over SSL) protocols for secure FTP transfers.

4. Encryption Standards – At minimum, the solution should support the industry standard encryption standards: AES, Open PGP, AS2, SSH, SSL, TLS and S/MIME.

5. Database Integration – The MFT should readily connect to DB2, SQL Server, Oracle, MySQL and other popular database servers for extracting and inserting data.

6. Data Transformation – Is the ability to translate data between popular data formats including XML, CSV, Excel and fixed-width text formats.

7. Data Compression – Compresses and packages data using popular standards such as ZIP, GZIP and TAR to reduce transmission times.

8. Application Integration – The MFT should provide commands and APIs for interfacing with your applications.

9. Scheduling – Allows transfers and other MFT functions to be scheduled for future dates and times.

10. Key Management – Does the MFT include management tools for creating, importing and exporting keys and certificates?

Related Blog Post: What Qualifies a Product as a Managed File Transfer Solution?

Linoma Software - Staff Writer

Website - More Posts

As more and more companies are seeking a MFT to meet their data transfer needs, the question still arises, what exactly is a Managed File Transfer (MFT)? At a minimum, a Managed File Transfer solution is a product that encompasses all aspects of inbound and outbound file transfers that uses industry proven standards with a central, single point of administration. With a wide variety of products claiming to be a Managed File Transfer solution there are some things you may want to ask yourself (and your vendor).

• Does the solution use industry standards protocols for secure data transfers?
• Is the solution centrally administered or are there pc components required for administration?
• Can I be notified in real time of certain events (e.g. errors) if they occur?
• How will this solution affect my customers, vendors and trading partners?
• Can audit reports be generated?
• What type of security controls does the product have in place to allow separation of duties?
• Are there additional modules or add-ons that might need to be purchased?
• If our needs grow beyond our current platform, how does this solution grow with us?

As you research a vendor to handle your Managed File Transfer needs, make sure you choose a vendor that is able to not only meet your current needs, but the needs of the future. Feel free to contact us to discuss your current and future needs as well as answers to the above questions and more.

Linoma Software - Staff Writer

Website - More Posts

The buzz around cloud computing and virtualization is exciting. Virtualization is not a new concept as this is a progression from distributed computing. What creates the excitement is that virtualization has gained momentum with a few key players making it easy to manage virtual servers via a console or hypervisor.

Why virtualize secure file transfers? The file management realm grew-up with the notion that nothing is secure unless it can be physically segregated in a locked room. This is not reality anymore. “Bare Metal” or “Domain 0” virtual servers are just as secure as physical boxes, but they need to be hardened at the operating system level in the same way as a physical server.

“Virtualization doesn’t fit the traditional mold of dedicated servers to handle a corporation’s encryption of sensitive data, secure data transfers or data translation functions,” says Bob Luebbe, Chief Architect at Linoma Software. “There were many variables to consider, but we were pleasantly surprised at how easy it was to implement a full VMware environment. The virtual servers were easy to manage and move among hosts.”

The GoAnywhere suite of managed file transfer solutions are tested and certified for virtualized and cloud environments. GoAnywhere Director and GoAnywhere Services are the only VMware Ready software-based secure managed file transfer solutions available. GoAnywhere Gateway is the VMware Ready reverse proxy gateway for the DMZ that integrates with GoAnywhere Services.

Linoma Software - Staff Writer

Website - More Posts