Author Archive

Driving Securely Through “The Cloud ”

Posted by on Monday, 23 May, 2011

The Cloud“Cloud Computing” is not for everything and not for everyone, but it has made a permanent mark in the lexicon of technology services.

What is Cloud Computing?

In simplistic terms, the Cloud is any application, file host, or virtual computer that is accessed solely via the Internet. The hardware and software actually running those services could be anywhere and therefore is referred to as being in “the Cloud.” The Cloud originally was the graphic reference for the Internet in a corporation’s network diagram, but now it refers to the services available via the Internet.

Security Concerns in the Cloud

Security professionals have always had concerns over remote file hosting sites (FHSs) and the recent Tech News about services like RapidShare and Dropbox came to light this week confirmed some of those concerns. Data security in the cloud is like a verbal agreement – as good as the paper it’s written on. Yet the general public and some individuals in large corporations flock to these services daily – completely unaware of the security risks or understanding how “The Cloud” works. Personally Identifiable Information and other sensitive data is floating around and often falls out of the cloud, landing in the wrong hands.

Regardless of the encryption or security practices professed by a Cloud provider, once the data leaves your network, you no longer own, control, or are able to audit that data. In the case of a subpoena at a data center, a cyber attack or when a device is stolen from a Cloud host, that data has been compromised.

There are great advantages and cost-savings to using Cloud based options to accomplish certain business goals. Renting processing time and applications can work out to a lower Total Cost of Ownership, but beaware of the strings attached. I have taken many applications for test-drives in the Cloud, but when I am responsible for transferring sensitive data on which my employer’s integrity and liability are on the line, I prefer using a secure managed file transfer product to drive through the Cloud.

A Secure File Transfer Solution

Connections that are configured correctly will securely send and retrieve files that meet or exceed compliance requirements. The GoAnywhere managed file transfer solution easily encrypts, securely sends and processes data over your existing Internet connection. The GoAnywhere Director automated file transfer application also securely transforms data between platforms and provides native XML scripting.

Subscribe to this Blog for the next installment: Fuel Efficient Hybrid-Clouds and Going Green with Server Virtualization.


Data Breach: Are You Next (or Again)?

Posted by on Monday, 25 April, 2011

A data breach is closer than you think. As the percentage of data breaches increase, the risk of organizations losing your sensitive data also increases. No one wants to receive the news that some or all of their personally identifiable information (PII) was stolen. There are people who are victims of various phishing scams, but it is more likely that your information will be leaked or stolen from an organization.

The health care industry is currently in the spotlight, as they are moving to mandated Electronic Health Records (EHR) and the American National Standards Institute (ANSI) is investigating the two main health care related data privacy concerns today: how to protect patient information and what is the financial harm or cost per record if it is stolen.

The numbers are staggering. According to the Privacy Rights Clearinghouse (www.privacyrights.org), there have already been 47 reported leaks or breaches in the health care realm this year. That is about one every other day (102 additional reported breaches if counting business and government).

In the world of data security; breaches are no longer thought of in terms of “if,” but “when.” Fortunately, there are easy steps companies and health care organizations can take to protect the PII that they maintain from direct hacking attempts. The procedures data security companies recommend you acquire begin with the following:

  • Require strong passwords
  • Use encryption to protect files in motion and at rest
  • Reduce the number of computers that process sensitive information
  • Audit every transaction
  • Limit the number of accounts that can access the critical data

The organization you own or work for doesn’t have to be the next headline, start researching different options to protect your customer’s sensitive data and keep your organization from a possible breach. The fines and surcharges are exponentially higher than purchasing a secure managed file transfer solution or a database encryption tool. Not sure where to start? Read the Top 10 Managed File Transfer Considerations.

The Culture of Data Security

Posted by on Monday, 21 March, 2011

Data SecurityWe hear a lot of buzz about protecting both customer and company data, but it is alarming how few IT departments and enterprise users are protecting their data correctly. A recent survey conducted for Oracle reveals that fewer than 30 percent of their respondents are encrypting personally identifiable information.

Data and network security should be the basis for every IT decision, but it is typically an afterthought. The Oracle report also concludes that half of companies surveyed profess a strong commitment to data security, but only 17 percent of them have begun to scratch the surface.

Lack of data security is often due to corporate culture and the fear of change. Most companies at the corporate level agree they are committed to data security and protecting customer records. If a company’s official stance is to protect their data, where are the security holes?

In my experience, the largest security holes exist in the departments outside the core IT organization. They don’t place the same value on the data as the IT Security team. Many companies still allow their employees to perform file transfers directly from their desktops and laptops using FTP or other unsecure tools. Not only are these ad-hoc methods unsecure and capable of exposing passwords or entire databases, they do not all function alike and do not provide centralized logs.

Educating employees about the dangers of unsecured and/or unnecessary data transfer is more business-friendly than preventing it altogether. Part of this process should be moving everyone to a managed file transfer methodology, like Linoma Software’s GoAnywhere Director. This not only secures your data transfers, but it creates a digital paper trail showing where assets are going – something which is of particular importance when you consider all the data security compliance regulations in effect today.

Data security for the millions of files sent over the Internet or within “the cloud” is of great importance to all industries, including health care, retail, banking and finance. Internet transfers include the critical data needed to conduct business, such as customer and order information, EDI documents, financial data, payment information, and employee- and health-related information. Many of these information transfers relate to compliance regulations such as PCI, SOX, HIPAA and HITECH, state privacy laws, or other mandates.

We need to grow a data security culture that includes securing file transfers.

Message Queues and Network Shares Added to Managed File Transfer Solution

Posted by on Monday, 28 February, 2011

The new 3.5 release of GoAnywhere Director is now available with more features to help organizations automate, secure and manage file transfers.

In this new release, GoAnywhere Director provides simpler access to files and folders on Network Shares. It can also connect to enterprise Message Queues (e.g. WebSphere MQ) for better integration with customer applications. The new version also includes “File Monitors” which can be used to easily scan for new, modified and/or deleted files in targeted folders. Additionally, this release includes the ability to auto-resume file transfers if FTP and secure FTP connections are broken.

In addition, better High Availability (HA) capabilities allow GoAnywhere Director to store configurations in customer database systems including SQL Server, MySQL and DB2 for IBM I (iSeries). This allows customers to manage and replicate this data using in-house database and HA tools.

I’ll say it again, that of all the tools I have purchased over 28 years in I.T. GoAnywhere Director is my favorite! ~ Don McIntyre, Kansas City, Missouri School District

Read the press release  > >

1.800.949.4696  |  sales@linomasoftware.com  |  privacy policy
Copyright ©1994 - 2012 Linoma Software  |  All rights reserved