Secure file transfer is a buzzword. Today, most IT professionals interpret it in many ways, ranging from “encrypted file sharing” to “confidential information transfers.” Despite the nuances of defining this term, several common misconceptions still exist in the industry. Here are six myths about secure file transfer that need to be dispelled.

1. Every business-grade file sharing platform is secure

Just because a file sharing platform is labeled as business-grade doesn’t mean that it is a great fit for your enterprise. Some business-grade solutions don’t include key administrative features such as activity monitoring and granular user permissions.

Beware of terminology: business-grade and enterprise-grade are two different things. Enterprise grade typically is more robust, products such as SmartFile include features compliant with HIPAA regulations that healthcare organizations and contractors need.

Try a Smarter Secure File Transfer Solution

Try SmartFile free for 14 days, no credit card required. Just a few questions to get started…

2. All encryption is created equal

Encryption comes in many different forms. Today, most secure file transfer services boast of encryption. However, even if the encryption is AES (the highest quality available on the market), many services only offer in-transit encryption.

True security isn’t just encrypting a message from Point A to Point B. Especially for on-premises products, encryption should include encryption in transit and at rest. In the case of a data breach or hacker, the compromised files will most likely be at rest, and thus needing encryption. If the box is accessed, the data is essentially unusable.

3. I only need secure file transfer if I deal with sensitive data

Whether it’s personally identifiable information (PII), intellectual property or company documents, the competitive environment of today’s world has called for increased information security. It’s not only regulated industries like hospitals or banks who need to protect their information.

Contracting with healthcare providers requires HIPAA compliance, and any PII should be protected. However, not all companies are operating in such a fashion. For example, 70% of mortgage companies were sending borrower information and financials via unencrypted email and thus putting their privacy at risk.

4. I know all the programs my employee use to send information

Shadow IT is a real problem. IT departments said in a survey they expected the number of cloud services used by employees to be (average) 51. The actual answer was 730 — 15x more than expected.

This stat shows how great the disconnect is between IT, management and employees on file storage and transfer. If IT can’t track where employees are storing files and who is accessing those files, then they have no hope of identifying or containing a data breach.

5. Email is just as secure

No, email is not secure. Sure you can go ahead and use it for company communication but if you are sending financial attachments or other sensitive documents, a secure file transfer platform is a better bet. With the prevalence of data breaches and 29% caused by human error, email is a loose thread in your security protocol. Most email is unencrypted, meaning hackers can intercept your information freely.

“Email, by its very nature, is unsecure: 99.9% of it is sent unencrypted. If it was invented today no one would use it. Emailing unencrypted documents ‘in the clear’ creates a potential chain of issues.”

Graham Cluley

6. I don’t need a file transfer policy for my employees

Every company needs a file transfer policy. Employees should not be making subjective judgment calls on whether or not their communication includes sensitive information. The average organization is using 61 file sharing services and 175 collaboration tools.

With all the applications and software being used — many of which are brought in by employees but never approved by administration — it is imperative that your organization has a policy. What tools are permitted for employees? Are there client documents that should never be sent using specific, low-security platforms? Most employees won’t be asking these questions. It’s up to administration and management to set these expectations.

Once you’ve set the expectations, acknowledge that employees may not follow the policy. It’s up to you to educate employees on the well-founded reasons for your policy, and give employees the tools to follow policy. One of these tools is an enterprise-grade secure file transfer platform. If you are unsure of where to start, we can help. Give us call as we’d be happy to help determine the policy and solution that is best for your organization. Whether it’s as simple as cloud solution, or as robust as on-prem we have the answer.

Try a Smarter Secure File Transfer Solution

Try SmartFile free for 14 days, no credit card required. Just a few questions to get started…

Leave a Reply

Your email address will not be published. Required fields are marked *