Sensitive Documents Now are Exchanged

Are they secure?

FTP connections created  by tech savvy users may  impact your company and livelihood.  This vulnerability must be addressed as you did with other, more dangerous challenges have not been finalized.  Or, you may have made much progress, but were not aware of the extent of FTP connections occurring at plants and offices.  First step – interview and gain trust.Fortunately correction and management using your existing EDI and FTP systems’ capability can readily prevent a costly and visible data breach.  These systems have tools that makes configuration exact, reliable, and economical.

FTP connections are opened for the manual exchange of strategic information such as

  1. Payroll information
  2. Benefit enrollment
  3. Engineering drawings
  4. Marketing plans, video, audio, and graphics
  5. Prices and discounts
  6. XML and database files
  7. Check images and other banking items
  8. Adobe .pdf files
  9. Point-of-Sale data
  10. More

The challenge is to make this exchange hassle free for users, yet effective, reliable, fast and secure.

A new process to exchange these documents is done manually using Windows Explorer™ drag and drop.  You set the secure Directory and Folder.  The user, finding this easy, will gladly cooperate.  The user’s supervisor will also appreciate standardization.  As a plus, no external party can push data to internal systems through open ports.

While Win Zip and other PGP utilities provide file encryption, they do not provide

  • Easy revocation when an employee leaves.  FTP sites should be closed when email access is revoked.
  • Standard configuration across your industry.  This sharply reduces negotiation with customers and vendors.
  • Range of ports and dynamic IP addresses

It is necessary to correctly configure your firewall’s DMZ for reverse proxy (to hide internal servers when sending outbound messages).  This also improves management of authentication (certificates).

Since your EDI system has focused upon data security since the early ‘90’s, it’s a good place to configure.  It likely supports AS2, AS3, HTTPS, FTPS, SFTP, and ebX ML.  Lastly, it tracks data delivery.

The time “investment” to properly configure miscellaneous FTP sites for a mid-sized business is about 24 hours.  Primarily, the time is needed for learning of the sites, persuading and educating users, and standardizing use for their supervisors.  The time needed to launch, working together with DCS is about 16 hours.  After stability, about an hour week will suffice.

 Conclusion

The data transmission capabilities of EDI and FTP systems are sophisticated, yet frequently unknown by network administrators.  It makes sense to utilize existing technology; time can be saved by having an expert set the first few instances.  This added level of security at a low cost and enhanced skill sets will improve your company’s stature.  The first step is easy, email DCS for your FREE Assessment.

EDI System Options | EDI Consulting Specialists at DCS