In today's everchanging data-centric reality, financial institutions arechallenged by more than just the well-documented cyberattacks. Withlarger quantities of data and more methods available than everbefore for data transfer (including cloud and mobile), there is anincreasing lack of control and transparency over the movement offiles used to do business. And when an organization is dealing withhighly sensitive and highly regulated information, control overthat information is paramount.

To mitigate risks and reduce the scope of work for ITdepartments, financial service institutions need to have manageablefile transfer systems and procedures in place to meet the standardsfor data privacy, integrity and availability across the entire ITinfrastructure. A managed file transfer system helps ensure andmaintain compliance as well as enforce and monitor access controlto prevent vulnerabilities.

IT professionals in financial institutions need to know wherefiles are at all times and be aware of who has access to that data.This is easier said than done, as existing challenges provide addedstress and risks, including:

Security: Losses from cybercrime are estimatedto be in the hundreds of millions of dollars each year. Costs fromthe Target data breach alone exceeded $200 million according to theConsumer Bankers Association. While many financial institutionsconsider these losses to be the cost of operating in cyberspace,increasingly complex security issues are threatening to send thesecosts skyrocketing, calling for greater control over the movementof sensitive data.

Compliance: Organizations are taking a unifiedapproach to understand the coupling between compliance andsecurity. The Gramm-Leach Bliley Act of 1999 requires financialinstitutions to establish policies, standards and procedures tosafeguard their customers' personal financial information. The 2002Sarbanes-Oxley corporate accountability reforms demanded financialinstitutions provide extensive reporting on their informationsecurity. Also the Federal Financial Institutions ExaminationCouncil is empowered to mandate additional standards and reportsfor the examination of financial institutions by federalorganizations. With so many regulations with which to comply,financial institutions need better oversight over data transfer.Manual file transfer processes fail to meet this demand.

Scope: IT organizations are being asked to domore with the same size staff. The required skillsets acrosstechnologies and audits overwhelm IT departments that lack theresources to manage everything in-house. As a result, chiefsecurity officers are finding alternative solutions in order tomaintain the vigilance and oversight required to protect anorganization's data.

The good news for IT departments is that automated MFT, ormanaged file transfer, from software-as-a-service vendors providesolutions to these industry challenges. MFT solutions address theabove issues in the following ways:

1. Enhance Security:While most people consider security to be a technology problem, itis increasingly a people problem due to a lack of awareness andeducation. MFT reduces human error by adding automation andaccountability to file transfer processes, which improves theoverall security posture of the organization. Automated MFTprovides better transparency into operations, and helps ITdepartments better understand the movement of data and securityrisks within the organization.

2. Maintain Compliance: Whether a bank isusing MFT internally, or for the exchange of data with businesspartners, accurate accounting is critical for system administratorswho need to satisfy their auditors and maintain compliance. MFTvendors who are able to authenticate the user and provide strongaudit trails help the IT staff track files and downloads to meetindustry requirements. MFT also provides data loss prevention andextends reliability and availability by preventing and detectingunauthorized breaches or any improper transfer of data.

3. Minimize IT Scope of Work: Using an MFTsolution allows organizations to transition away from aninterrupt-driven environment to gain control with an automatedsystem and greater oversight. There is no longer a need to put outone fire after another because IT can implement order into filetransfer processes. Additionally, security professionals are inhigh demand and organizations realize they can take advantage ofSaaS to lower their acquisition costs.

It is rare today for an IT team to possess the skills necessaryto meet the increasing number of requirements being foisted uponthem. The number of regulations to meet the rising cyber threatsrequires more work for IT teams (most are already stretched toothin). Therefore, they need additional bandwidth to transform theiractions from reactionary to preemptive and to develop actionableinsight for senior leadership. MFT provides critical transparencyinto events and notifies IT teams when potential threats arise.Better context and education on the movement of sensitive financialdata can improve productivity and reduce the risk of major databreaches and economic losses.

Ennio J. Carboni is EVP of Customer Solutions at theBoston-based technology firm Ipswitch. He can be reachedat [email protected] or(781)-645-5590.