April 15, 2022

    Selecting IT Infrastructure for File Transfer & Sharing Needs

    Since the beginning of the internet, it’s been necessary for organizations to transfer data from one location to another for processing, to store it for a future purpose, or to share the information with others. The 1’s and 0’s that makeup the data today are the same as when the internet first launched in 1984. But what’s changed? The answer (as you intuitively may have guessed) is almost everything else.

    As Plato said: “necessity is the mother of invention,” and as we began transferring more and more information around the globe and into our homes and offices, we needed larger, faster networks, and increasingly advanced platforms to accomplish this. We curated this high-level overview to provide a full picture of the infrastructure solutions that exist in the market today and the advantages and risks of each.

    In business today, it is a necessity for any organization from SMB to enterprise level organizations to have a way to exchange files and other information reliably and securely. Although security is typically the most important feature organizations also need to ensure that the file-sharing/data-transfer solution they choose is easy-to-use and adaptable. If employees are not given an option that they can easily incorporate into their operations, they tend to seek out and use consumer-grade solutions. Let’s take a deeper look at the infrastructure solutions.

    On-Premise (On-Prem) File Transfer + File Sharing Solutions

    On-premise file transfer solutions for a long-time were the only option. On-premise (sometimes referred to as “on prem” or “in house”) may seem outdated compared to a cloud-based solution but having a secure storage and file sharing/file transfer solution that sits on your company’s in-house hardware at a business office or location or a data center of your choice offers the security, control, efficiency, and functionality advantages of being on your proprietary network. You own the hardware. Outside parties connecting to your server to pick up files in this scenario would be a different story regarding security though.

    There is more configuration time and up-front costs associated with on-premise vs. a cloud server. There’s also the ongoing risk of increased vulnerability as your organization will be responsible for securing your systems both physically and from cyber threats. Alternatively, you will have a greater degree of customization with on-prem which may better fit your needs if you have administrators with specialized requirements. Organizations from mid to large sized along with banks, universities, government agencies and other private institutions still utilize on-premise solutions for some workloads, but over 96% of enterprises are now utilizing cloud-based systems in some form.

    Advantages

    • Full Control Over Your Own Data – Your own data, and/or customer data, is not stored on the server at another company.
    • Data Access Even if the Internet Fails – If the Internet should fail, direct access to the data stored in your systems remains accessible through the internal network or by simply walking to the server if it’s in your office location.
    • High Degree of Customization – Normally, standard software is used as a basis and then extended by individual customizations or adapted to the specific application.
    • Own the IT Infrastructure – You own the infrastructure and are completely independent from relying on other server providers.
    • No Ongoing Software Costs – File transfer software for on-prem configuration is usually purchased outright and not obtained via a licensing model.

    Risks

    Organizations moving toward remote work in 2022 have placed questions regarding data storage and accessibility top of mind. Even though there are certain advantages to the traditional manner of organizations keeping operating systems, servers, and other hardware as physical assets on company property, it still comes with considerable risk when compared to a cloud-based solution.

    When evaluating an on-prem file transfer solution, it is imperative to understand the risks and potential downfalls involved while evaluating which method is best for your organization.

    1. Security: On-prem servers are physical assets and face the same dangers the rest of the building might be exposed to, including fires, floods, or break-ins. Additionally companies (including some of the world’s largest organizations) have adopted a remote first strategy in a world where their employees became used to working from home and data has increasingly moved online without needing to visit the office daily.
    2. Slow to Scale: As companies grow, their data storage needs to change and expand. It is extremely time-consuming and expensive to scale physical servers.
    3. Minimal Data Backup and Recovery: The greatest risk for on-prem file transfer servers is the loss of data and the minimal backup and recovery options available. A malfunction in the system, or a compromised system held for ransom by a bad actor, can lead to a permanent loss of data on a company’s internal server. While businesses can choose to store their data on a backup server at a secondary facility, this service generates additional costs and maintenance fees.
    4. Increased Cost: You are not only buying the software. You are buying the physical infrastructure and keeping on-prem servers running and secure can generate a lot of extra costs, not the least of which is staffing a dedicated IT support team. Between the maintenance costs of server hardware, OS and database licensing cost, power consumption, and accounting for the physical space the server occupies, on-prem servers end up costing companies more money overall.
    5. Lack of Access & Mobility for Employees: In a business landscape that is rapidly going remote, ensuring all employees have access to their company data is essential to keep things running smoothly. While data stored in on-prem servers is limited to the physical office, cloud storage takes the office anywhere employees go.

    Overall attempting to make on-prem infrastructure effective for a remote work environment will likely be costly and require additional equipment and licensing leading to a rather cumbersome process.

    Cloud-Based File Transfer + File Sharing Solutions

    Since the first solutions hit the market in the early 2000s, cloud file transfer applications and remote storage have seen impressive growth fueled by Amazon and Microsoft, amongst others. The cloud is a network of remote data centers/servers linked to operate as a single entity. This “cloud” can be used to store, share, transfer all kinds of data and information from software to files/folders. These cloud deployments are used to provide web-based emails, online applications, storage, and other interactive environments.

    Cloud-based file transfer solutions, otherwise known as Managed-File-Transfer-as-a-Service (MFTaaS), is a Software-as-a-Service (SaaS) solution hosted completely off-site and by a third-party provider. They offer significant scalability and set-up advantages thanks to its off-the-shelf configuration packages that can quickly add storage and bandwidth resources. However, there may be additional security concerns if the MFTaaS solution provider you choose does not also have security top of mind and developed security features for strict compliance environments. An MFTaaS solution allows the user to access all of their data via the internet, usually through a sign-on portal or through a file transfer protocol directly. This service is the most common, cost effective, and simple solution for most organizations.

    Advantages

    • Reduced CAPEX Costs – The cloud has allowed businesses to cut down their costs for large upfront expenditures. Sharing files directly over the Internet means there is no need to own any hardware or equipment in a datacenter. Businesses and consumers alike can appreciate the benefit of cost reduction.
    • Saves Time – Business owners and the average person can save a great deal of time, thanks to sharing files via cloud-based solutions. Now, there’s no need to spend months configuring and maintaining on prem infrastructure.

      Additionally, a cloud-based solution doesn’t require organizations to save the files to a device, transport that device, and insert that device into a computer to access the files if your organization has policies against allowing outside entities to connect directly to your infrastructure. Files can instantly be shared in just a few clicks. Talk about a huge time saver.
    • Accessibility – Not only can files be easily shared but they can also be easily accessed by anyone from anywhere. You don’t necessarily have to be at a specific device to share and receive files unless your organization is utilizing advanced features such as IP restrictions; if you are on the cloud, you can send and receive files from any location – your phone, your tablet, a desktop in Peru – anywhere with an internet connection and a simple web browser!
    • Security – By choosing the right cloud-based file transfer partner, you’ll immediately get access to advanced security features they have already built into their platform. This might include items in the software like Single Sign-On (SSO), multi-factor authentication (MFA), advanced features for password resets, or IP address restrictions. At the infrastructure layer they could have optional features in place such as Intrusion Detection Systems (IDS), or virus and spyware protections. This keeps your organization from procuring and configuring these items for your file transfer platform.

    Risks

    Cloud-based storage security risks are constantly evolving. The ever-increasing amounts of proprietary or personal data stored and accessed from the cloud increases the need for organizations to understand and assess their cloud storage security risks. While many organizations have structured and consistent approaches to cloud security, others are not yet fully aware of the shared responsibility model of cloud security and their options when it comes to using and securing cloud services such as file transfer.

    The use of cloud applications can present various security risks, and organizations often fail to identify and responsibly manage those risks. Below are 4 common examples of security risks with cloud-based file transfer applications.

    1. Gaps in Access Control Processes: Most organizations have consistent processes in place for access control, such as authorization, role-based access, regular administrator review, and prompt disabling of accounts when an employee leaves the company or changes roles. However, sometimes their existing processes are not extended to include all cloud services which might include your file transfer solution.
    2. Authentication Weaknesses: Transitioning to cloud can create some gray areas on who is responsible for what security controls. This often comes up in relation to authentication. We have seen clients who think they are “stuck” with a cloud-based file transfer solution’s weak password requirements or lack of multi-factor authentication (MFA). But in many cases, like in our platform, password configuration and MFA are normally under the client’s control by making sure you are on a plan with the feature and implementing the feature for your organization.
    3. Unauthorized Use of Cloud Services: We frequently learn through interviews that a client’s employees are using cloud-based solutions that have not been vetted nor approved by the organization. Many surveys across the industry have been conducted, and many concluded roughly 40% of IT spend is outside of the CIOs control, or unauthorized by the organization!

      Additionally, this comes up often in relation to file sharing and file transfer platforms with external parties using cloud solutions such as Dropbox, Box, SharePoint, or Google Docs.

      Although there may be a justifiable work-related reason to share files employees may not be permitted to or able to share the information via email. This could be because the information is subject to data loss prevention or the file size of whatever is being shared. In some instances, the employees may not even know that there is an organizational solution for sharing files. Typically, we find that employees are not aware of the potential security risks associated with using unauthorized services, and they view the use as harmless.

    4. Incident Response Preparedness: Have you considered how your organization will respond to a security incident that involves your use of cloud-based file transfer services? If not, you are not alone! These services often present unique challenges in the incident handling process, and many organizations have not yet considered these challenges and incorporated them into their response plans and strategies.

    Moving business processes such as file transfer to the cloud is a great way to achieve scalable, cost-effective IT solutions, but companies must be careful to identify and manage risk along the way. 

    Hybrid File Transfer + File Sharing Solutions

    A hybrid infrastructure, or hybrid cloud, file transfer solution is an IT infrastructure design and environment made up of a mix of on-premise data centers, private clouds and/or public clouds with the file transfer software layer residing on each infrastructure. This can give you the best of both worlds with more options for storing and handling sensitive data in the private cloud, or through a SaaS provider that has expertise in a specific field such as file transfer and connecting them to your other environments through SFTP.

    In fact, reports suggest 82% of enterprise organizations are operating a hybrid cloud model where they pick might have on prem file storage, a public cloud footprint, or have outsourced MFTaaS to an industry leader. Additionally, companies with some regulatory requirements such as lengthy backups of files that have been transferred may benefit from utilizing the hybrid system because of less expensive archival storage costs, with the increased features and management of SaaS.

    In a hybrid cloud, your organization is deploying, configuring, and maintaining operating systems, work applications, and security applications in multiple environments (depending on the requirements of your business). This puts additional strain on IT staffs for management and monitoring of infrastructure and applications. Why is this important? In some industry surveys, over 50% of IT staffs have said they already have an excessive workload. As IT environments become more complex with more requirements, it’s important to consider the well-being of your team.

    Advantages

    • Control – Instead of trusting a third-party cloud provider to manage every aspect of a company’s IT infrastructure, an IT team can customize and adjust the private end of its hybrid model to fit its needs, maintaining control over at least a portion of the infrastructure.
    • Scalability – A hybrid infrastructure solution for file transfer allows a company to tap into the flexibility and power of the public cloud to seamlessly increase its operational capacity when demands spike, while allowing business-critical data and operations to remain in a different and secure location of your choosing, whether that be a SaaS provider, in your own private cloud environment, or on-prem. Changing configurations can be much faster and easier in a cloud environment compared to traditional network infrastructure, where upgrading can take weeks or even months.
    • Security – With a hybrid cloud model, businesses can leverage the security of on-premise infrastructure and private cloud while taking advantage of the power and services of a public cloud — reducing the potential exposure of critical data. While data stored in a private environment will likely still have to run on a public cloud for analytics and applications, an encrypted file transfer protocol can be used to minimize security breaches for file transfers. Organizations can also decide where in their infrastructure to house their data and workloads based on policy, compliance, and security requirements.
    • Potential Cost Savings – From a cost perspective, hybrid cloud storage for managed file transfer is an attractive alternative to a purely private cloud, which can be expensive to update and expand over time. A hybrid infrastructure allows a company to optimize its IT spending for long term backups and archival storage by lowering operational expenses with the secure, scalable public cloud for non-mission critical parts of its business.

      By doing so, an organization is using their cloud based MFTaaS storage primarily for file transfer. Many public cloud vendors often allow companies to connect and to “burst” into public cloud resources only when they need them. only when they need them.
    • Business Continuity – Hybrid environments can absorb workload surges if configured to do so. As computing demands increase or suddenly spike, business continuity plan will hopefully keep your infrastructure from being overloaded and failing. Data can also be backed-up in the cloud. This ensures that, your organizations business operations will not be interrupted in the case of a full datacenter failure.

    Risks

    Public Cloud is often considered ‘less-secure’ because of the potential lack of privacy and security policies in place between multiple tenants on a public cloud. between multiple Private Cloud, though ‘secure’ because less people will know of its existence, often fails to offer the robustness or versatility of the public cloud if your infrastructure is operating on outdated or obsolete cloud platform That’s where the industry started looking at ‘Hybrid Cloud’ for security!

    But gaining the advantages of a Hybrid Cloud file transfer platform depends on analyzing and addressing a few critical challenges, listed below:

    1. Compliance: In a hybrid cloud file transfer model, data traverses between highly secure private cloud and generally less-secure public cloud networks. This puts data compliance at risk. Data security standards and specific industry standards like GDPR, CMMC for government contractors, CJIS for law firms, or HIPAA for healthcare have increased the need for oversight on compliance and regulatory policy implementation, and this has increased the burden on IT teams. To ensure compliance requirements are met organizations should take extra precautions and have an extensive business continuity plan in place shall one of your technology footprints go offline.
    2. Data Privacy: This is another important security challenge that can arise in a hybrid cloud model. Working with hybrid cloud demands flexibility in data movement between on prem infrastructure, public clouds, and private clouds. This poses a challenge to an organization's data privacy policies as there is an increased likelihood that a system can be attacked. Implementing robust encryption policies, strong VPN and endpoint verification are great ways to protect your organization against a security breach.
    3. Distributed Denial of Service (DDoS): One of the most serious types of cyber-attack, the Distributed Denial of Service, is another critical challenge that usually targets a company with one purpose – to overload your resources and take your organization offline. The average annual cost to an organization for DDoS attacks is now over $1.7 million. These attacks have multiple sources, which makes it tough to trace and detect. and typically pose high-risk factor.

      Maintaining a scalable, responsive, stringent monitoring system to track the inflow and outflow that can withstand multi-vector attacks is the best way to manage this risk and this can be difficult if the attackers go after multiple cloud footprints at once. Knowing who is responsible for remediating a DDoS attack can get tricky when the software your organization has purchased is operating on infrastructure you own, and in the cloud. Does taking down one footprint take down your file transfer solution on others?
    4. Service Level Agreements (SLAs): Applying a hybrid cloud means you are handing over data governance and accountability to your public Cloud Service Provider (CSP), or SaaS provider, that is holding your data and operating the infrastructure. If a serious issue occurs regarding your security, your organization must recoup costs according to the SLAs, and in some cases seek legal recourse. It’s important your organization understands the security limitations and accountability is defined. In other words, make sure the SLAs are terms you can live with.
    5. Risk Management: Considering the vulnerabilities and threats, effective risk management and precautionary safety measures need to be taken to protect the organization’s Intellectual Property from potential risks. If your file transfer provider has plans with options for IDS/IPS to scan malicious traffic and detailed admin logs and file logs, it’s important to take advantage of those. If you are hosting on-prem or have purchased the software, then your organization will be responsible for these additional security features. Lastly, it’s important to ensure your provider has firewalls in place, and other security management features such as MFA to block unauthorized access to the platform where you’re storing important data.
    6. Data Redundancy: It’s important for a defined data redundancy policy for backups or disaster recovery, and an understanding of responsibility similarly to other items in this list. A hybrid cloud file transfer solution can make this confusing for organizations. With a hybrid cloud file transfer solution, data redundancy can be achieved by managing multiple data centers from a single or multiple cloud service providers or backing up data with your on-prem servers using an internal policy. During a datacenter outage this will become very useful but can also be difficult to implement as you might need to acquire, install, and configure the software yourself.

    Conclusion

    So which infrastructure solution for file transfer is better – on-premise, cloud, or hybrid cloud? Each business is going to have different business needs and file transfer/file storage requirements.

    If you need full data and cost control, a lot of time on your hands for maintenance and configuration, and your administrators are up for the challenge, an on-premise file server may be the way to go. If it would benefit your organization to offload the infrastructure and platform management to an expert in the field and prefer the additional features without spending time on development, and many other benefits, then cloud-based file transfer is likely your best option. A solution provider such as Sharetru can help you with compliance and regulations as we’ve built a platform for the sharing of highly sensitive data.If you have legacy equipment that you still need to utilize without making a large migration, you may benefit from a hybrid infrastructure file transfer solution that allows for external connections because of the long term storage cost effectiveness and ease of SaaS in the cloud.

    Each of the infrastructures discussed today have their advantages, but it is imperative to know which of them would best fit your operational needs. Still unsure which one to choose? Sharetru can help you decide if our cloud-based managed file transfer solution (MFTaaS) would help your business thrive

     

    Martin Horan

    Martin, Sharetru's Founder, brings deep expertise in secure file transfer and IT, driving market niche success through quality IT services.

    Other posts you might be interested in

    View All Posts