In today's ever changing data-centric reality, financial institutions are challenged by more than just the well-documented cyberattacks. With larger quantities of data and more methods available than ever before for data transfer (including cloud and mobile), there is an increasing lack of control and transparency over the movement of files used to do business. And when an organization is dealing with highly sensitive and highly regulated information, control over that information is paramount.

To mitigate risks and reduce the scope of work for IT departments, financial service institutions need to have manageable file transfer systems and procedures in place to meet the standards for data privacy, integrity and availability across the entire IT infrastructure. A managed file transfer system helps ensure and maintain compliance as well as enforce and monitor access control to prevent vulnerabilities.

IT professionals in financial institutions need to know where files are at all times and be aware of who has access to that data. This is easier said than done, as existing challenges provide added stress and risks, including:

Security: Losses from cybercrime are estimated to be in the hundreds of millions of dollars each year. Costs from the Target data breach alone exceeded $200 million according to the Consumer Bankers Association. While many financial institutions consider these losses to be the cost of operating in cyberspace, increasingly complex security issues are threatening to send these costs skyrocketing, calling for greater control over the movement of sensitive data.

Compliance: Organizations are taking a unified approach to understand the coupling between compliance and security. The Gramm-Leach Bliley Act of 1999 requires financial institutions to establish policies, standards and procedures to safeguard their customers' personal financial information. The 2002 Sarbanes-Oxley corporate accountability reforms demanded financial institutions provide extensive reporting on their information security. Also the Federal Financial Institutions Examination Council is empowered to mandate additional standards and reports for the examination of financial institutions by federal organizations. With so many regulations with which to comply, financial institutions need better oversight over data transfer. Manual file transfer processes fail to meet this demand.

Scope: IT organizations are being asked to do more with the same size staff. The required skillsets across technologies and audits overwhelm IT departments that lack the resources to manage everything in-house. As a result, chief security officers are finding alternative solutions in order to maintain the vigilance and oversight required to protect an organization's data.  

The good news for IT departments is that automated MFT, or managed file transfer, from software-as-a-service vendors provide solutions to these industry challenges. MFT solutions address the above issues in the following ways:

1. Enhance Security: While most people consider security to be a technology problem, it is increasingly a people problem due to a lack of awareness and education. MFT reduces human error by adding automation and accountability to file transfer processes, which improves the overall security posture of the organization. Automated MFT provides better transparency into operations, and helps IT departments better understand the movement of data and security risks within the organization.

2. Maintain Compliance: Whether a bank is using MFT internally, or for the exchange of data with business partners, accurate accounting is critical for system administrators who need to satisfy their auditors and maintain compliance. MFT vendors who are able to authenticate the user and provide strong audit trails help the IT staff track files and downloads to meet industry requirements. MFT also provides data loss prevention and extends reliability and availability by preventing and detecting unauthorized breaches or any improper transfer of data.

3. Minimize IT Scope of Work: Using an MFT solution allows organizations to transition away from an interrupt-driven environment to gain control with an automated system and greater oversight. There is no longer a need to put out one fire after another because IT can implement order into file transfer processes. Additionally, security professionals are in high demand and organizations realize they can take advantage of SaaS to lower their acquisition costs.

It is rare today for an IT team to possess the skills necessary to meet the increasing number of requirements being foisted upon them. The number of regulations to meet the rising cyber threats requires more work for IT teams (most are already stretched too thin). Therefore, they need additional bandwidth to transform their actions from reactionary to preemptive and to develop actionable insight for senior leadership. MFT provides critical transparency into events and notifies IT teams when potential threats arise. Better context and education on the movement of sensitive financial data can improve productivity and reduce the risk of major data breaches and economic losses.

Ennio J. Carboni is EVP of Customer Solutions at the Boston-based technology firm Ipswitch. He can be reached at [email protected] or (781)-645-5590.