September 5, 2018

    Top 6 Questions to Ask When Comparing Corporate FTP Solutions

    Adopting a new file sharing solution can be a big investment for your company, both from a time and monetary standpoint. So, before you take the leap, you need to be sure you’re choosing the right option.

    As you evaluate all of the corporate FTP solutions on the market, it can be hard to tell how they differ. If every solution claims to be the best option, how can you choose the one that’s actually right for your company? Use the following questions to help you differentiate between the various corporate FTP solutions. The FTP providers’ answers to these questions will give you insight into which solution is best.

    1. How Secure Is My Data?

    This is probably the most important question of all. When you choose a corporate FTP solution, you’re trusting the solution provider to keep your data safe, and to keep hackers at bay. For a secure file sharing solution, choose one that offers a multi-tiered architecture, which requires users to be verified through three different layers of increasing security to access the solution.

    The three layers are the presentation layer, the business layer, and the data layer. The presentation layer is the first – and least secure – layer that users pass through. From the presentation layer, the user’s request is passed to the business layer. This is where the security standards, like user credential verification, multi-factor authentication, IP address verification, and more, are applied. Once the business layer authenticates the user, the request is passed to the data layer.

    There are no security standards too strong for your company, especially when sensitive data is at stake. Ask the FTP host to outline all the security features that their solution can offer your business.

    2. Is the Solution Easy to Use?

    Usability is an essential feature that is regularly overlooked. If you don’t want your employees sharing sensitive data via email, you must choose a corporate FTP solution that’s easy to learn how to use and convenient for ongoing use.

    First, you need to evaluate the platform itself. Is the platform you’re considering simple to navigate? If the solution you choose is too complex, employees aren’t likely to use it.

    Much of secure file sharing falls under the responsibility of the user. In many cases, employee carelessness is the root of data leaks. Employees often share files using easy-to-attack methods. They choose passwords that are simple to crack or irregularly changed. As you’re evaluating corporate FTP solutions, talk to the different vendors about how their solution ensures your employees follow secure file sharing best practices.

    To walk the file line between usability and security, look for solutions with built-in best practices like control over the protocols by which employees share files, or automated prompts for employees to change their passwords. When you can restrict which protocols are active to be used, the decision isn’t left up to the users. It’s the same principle with password changes. With the right solution, the burden of secure file sharing is taken off your employees.

    3. What Control Do I Have?

    Maintaining control over who can access files and how your corporate FTP solution is used can be beneficial from a security and usability standpoint. It’s important to keep your most secure data protected with granular access controls. Look for a file sharing solution that allows your administrators to determine which users can download, upload, or delete specific files. These granular access controls also give you visibility into and a record of who is accessing your files and for what purpose, which can be valuable when it comes to compliance.  

    You should also look for a corporate FTP solution that gives you control over who is accessing your solution based on user country location and user IP address. Country access restriction helps you control what locations your solution is accessible from. As many hackers today may be on the other side of the world, the ability to control country access adds a layer of protection to your solution.

    IP address access restrictions gives you control over which computers and devices are able to access your solution. So, if you limit access to only IP addresses for company-provided computers, login attempts from unauthorized devices are denied, even if the username and password are correct. This means that if one of your employees’ login credentials are stolen, the hacker still couldn’t get into your solution since their computers don’t have an authorized IP address.

    4. Do You Facilitate Encrypted Transfers?

    Encryption scrambles data during transfer, ensuring that if the file is intercepted, the unintended recipient can decipher the data. Talk to the FTP hosts you’re considering about their data encryption policies. You want to feel confident that every file shared is protected in transit. You should also ask about at-rest encryption, too, which protects stored data that isn’t in transit. Also, ask about the strength of encryption. Sharetru, for example, uses 256-bit encryption, so you know that your file transfers are impenetrable by hackers.

    5. Is This FTP Solution Regulatory Compliant?

    If your company is subject to regulatory compliance standards, you need a file sharing solution that enables you to stay compliant, instead of adding more effort on your part. Find a corporate FTP solution that meets your compliance needs, whether they’re related to HIPAA, ITAR, PCI-DSS, SOX, or GLBA.

    One compliance-related component to look for is transparency into server location. With some cloud-based file storage providers, you have no idea where your files are stored, as many have servers located all over the world. This can be a problem if you’re subject to compliance regulations like ITAR, which requires applicable data to be kept out of the hands of foreign parties. Be sure to ask the providers you’re considering about where your data will be stored and the physical security at the location.

    6. Do You Offer Disaster Recovery?

    Whether your data is wiped out by a cyber attack, an important file is accidentally deleted, or the power simply goes out, disaster recovery can save your company a lot of time and frustration. Before you select a corporate FTP solution, you need to verify that it has the disaster recovery capabilities to ensure you never lose important data or productivity.

    Talk to FTP hosts about how often data is backed up. At Sharetru, for example, data is automatically backed up every four hours, so you’ll never lose an entire day’s work. Sharetru also uses the same encryption standards for both in-transit and backed up data.

    As you run through these questions with the different FTP hosts you’re considering, take note of their answers. Make sure the solution you choose aligns with your company’s priorities, like security, usability, compliance, and more. When you ask the right questions, you’re sure to choose the right corporate FTP solution.


     

    Tag(s): FTP

    Martin Horan

    Martin, Sharetru's Founder, brings deep expertise in secure file transfer and IT, driving market niche success through quality IT services.

    Other posts you might be interested in

    View All Posts