Professional Documents
Culture Documents
SEEBURGER MFT A Secret Corporate Weapon EN PDF
SEEBURGER MFT A Secret Corporate Weapon EN PDF
www.seeburger.com
I N T R O D U CT I O N
Executive Summary
How many times have you struggled to send a large file to someone, particularly when you are in a hurry?
How often has your business suffered (along with your nerves) when a file arrived late for system processing,
or even at all? If the answer to these questions is ‘lots’, then you will be pleased to know help is available…
…we no longer have to put-up with restricted e-mail attachment sizes (typically 8MB), nor do our systems
remain at the mercy of outdated forty-year-old transfer protocols such as FTP. The new world order consists of
a little-known secret corporate weapon known as MFT, and when deployed properly can help you:
1. Control
Intellectual
Property (IP)
2. Demonstrate
Compliance
3. Focus on
Core Business
This paper uses three real-world business scenarios to illustrate how MFT can deliver the above core benefits.
We hope that you find this paper informative and use it as motivation to change the file transfer landscape
within your organization for the better (no matter which vendor you choose to embark upon your MFT
journey with).
Ian N Goldsmith
Business Development Director
2
Putting Your Business Front and Centre
To be clear from the outset, this is not your average whitepaper written and published by a software vendor
supplier. Why? Because the most important thing to your professional life, i.e. your business, is going to be
placed front and center stage from the outset. What good is it if the virtues of a particular technology are
extolled before fully understanding the extent of the challenges and requirements faced by businesses?
The credibility of such business understanding not only It is this experience (and more) that this paper draws upon
derives from our 30-year history as a software vendor in in order to bring your attention to the right way to move files
helping over 10,000 customers the world over securely around with MFT, without having to resort to last ditch risk
exchange information on a daily basis, but also because of laden measures that could have a negative impact on you
the author’s personal involvement with helping all manner of and your company further down the line. This paper does so
business’s securely move files throughout a 25-year career by identifying three main business scenarios that capture
in IT. He also has first-hand experience of being placed in all manner of file transfer usage requirements the author
highly pressurized situations requiring large and sensitive has witnessed over the years. It is hoped that at least one
files to be delivered by a deadline. What’s more, because business scenario can be clearly identified with, and that
the appropriate corporate tools were not made available, the scenario(s) resonate enough into prompting a change to
he was left with no option other than to resort to ‘unfit for the file transfer landscape within your organization by way
purpose’ solutions to simply get the job done. Not pretty, not of deploying an MFT solution.
clever, just needs must situations that could have otherwise
been avoided with a little foresight and investment in the
right technology solutions such as MFT.
3
S C E N A R I O S
CAD BMP
PSD MOV
Potential Solution: Use Technology That Is Already In Place (and ‘freely‘ accessible)
The above scenario could relate just as much to a service being developed rather than a tangible product per
say. The highlighted words above show the operative parts of the requirement, no matter a product or service,
i. e. files that are fundamental to the development and marketing of the offering need to be securely shared
outside of the organization.
This essentially boils down to a requirement for humans In trying to address the requirement of human-oriented file
to be able to share files securely with other humans as transfer by way of technology that is already in place, or
depicted in Figure 1. This is known as human-oriented file personally accessible to employees, chronologically this is
transfer. typically how things pan-out:
One option to meet this human-oriented file transfer 1. Try sending the files with corporate e-mail, but realize
requirement (as we will see throughout all of the business they are too big for the e-mail server, therefore…
scenarios) is to use whatever technology is already in place, 2. Try compressing the files (ZIP’ing), but realize they are
even if it is not ideally fit for purpose. In this case, the option still too big for the e-mail server, therefore…
nearly always extends to employees’ personal choice of 3. Try sending the files with personal e-mail, but realize
technology not approved by their employer (and thus not only the smaller files get through, therefore…
under corporate control) when the corporate tools can’t a. Use a personal file sharing service such as DropBox,
get the job done. This situation is not without problems as Hightail etc.
illustrated below. AND/OR
b. Write the files to physical media such as a USB Stick,
Flash Drive, Disc etc. and post/courier.
Product Dev. Team Product Dev. Partners
Marketing Team Advertising Agencies
Using the technologies highlighted above that are typically
x security CAD BMP x control already in place and that are accessible for ‘free’, will get
@ the job done to a certain extent. However, this is not without
introducing some major risks.
PSD MOV
USB
x visibility x speed
4
Recommended Solution: Managed File Transfer (MFT)
By making an MFT solution available to the Product Product Dev. Team Product Dev. Partners
Development and Marketing teams, they will be able Marketing Team Advertising Agencies
to securely collaborate with development partners and
advertising agencies alike in order to maximize competitive security CAD BMP control
advantage without compromising security. This is achieved
by mitigating against the risks associated with conventional
existing technologies such as e-mail, ZIP compression,
PSD MFT MOV
physical storage + post/couriers.
visibility speed
x E
-Mail is sent in the clear (unencrypted) making E-Mail is encrypted, meaning that even if it were
Security it incredibly easy for information to be gleaned intercepted, its contents are unlikely to ever be
should it be intercepted. The same is true of compromised. Additionally, most MFT solutions
data written to physical media which is then now support two-factor authentication.
posted.
x U
sing personal e-mail and file sharing services Third party personal e-mail accounts, file
means that data is no longer corporate sharing services and postal services/couriers
Control controlled. The same is true when using a are no longer needed, therefore total corporate
postal/courier service to deliver physical control over the exchange of files can be
media, i.e. control is lost. exercised.
x W
ith personal e-mail and file sharing services, Every file transfer activity is logged in the MFT
Visibility there is no corporate visibility into activity. server. This is presented as a visible audit-
The same is true when using a postal/courier trail, especially important when demonstrating
service (albeit reduced with tracking services). compliance.
x W
riting files to physical media and posting/ With a simple plug-in, a corporate’s regular
couriering introduces unwanted delay – slow- e-mail client can be utilized for sending files
Speed ing product development down and potentially securely, meaning no time is wasted in having
jeopardizing competitive advantage. to switch to a separate interface to use the MFT
solution.
Summary
If running the risk of security being compromised, control corporate e-mail, physical media and third party file sharing
being relinquished, visibility being diminished and speed services. Alternatively, with the investment of just a little
being restricted is acceptable to your business, then go- bit of time, effort and money into an MFT solution, the risks
ahead and utilise what is already available to you by way of mentioned above can be easily mitigated against.
5
S C E N A R I O S
SQL TXT
As before, one option to meet this system-oriented file
transfer requirement is to use whatever technology is
already in place within an organization, even if it is not
Figure 4 – System-Oriented File Transfer
ideally fit for purpose. This situation is not without problems
as illustrated in Figure 5.
6
Recommended Solution: Managed File Transfer (MFT)
By using an MFT solution to exchange files between the Headquarters Subsidiaries
subsidiaries’ EPOS/stock control systems and HQ’s ERP
system, the business can operate safe in the knowledge
that the sales information used to control current stock cost Idoc DAT audit-trail
levels and predict future levels is accurate, and that
pricing adjustments, promotions and catalogue updates
are accurately reflected with consistency across the entire
SQL MFT TXT
business ecosystem.
speed compliance
x S
upporting a ‘free’ protocol such as FTP incurs MFT empowers businesses with limited techni-
a cost of employing staff with the technical cal knowledge to monitor and control file trans-
Cost competence to manage frequent changes to fer activity easily and cost effectively through a
the IT landscape, e.g. script maintenance, simple User Interface (UI).
scheduling, remedial file action etc.
x U
sing a protocol such as FTP often results in un- If a file transfer were to be interrupted mid-
desired delay due to incomplete files, duplicate flight, e.g. loss of network, loss of power etc.,
Speed files, incorrectly named/located files etc. then automatic checkpoint/restart capability
ensures that time is not wasted in transferring
the file from the beginning again.
x S
hared storage doesn’t provide an activity log A comprehensive audit trail captures all file
Audit that can be used for audit trail purposes – let transfer that has taken place across the entire
Trail alone providing any notion of non-repudiation MFT landscape.
in the event of a file dispute.
x C
ontrolling what can and can’t be transferred
With increasing demand to uphold internal
Compli- is difficult to implement without a rules based standards and comply with external regulations,
ance approach. a ‘single source of truth’ audit trail provides
demonstrability of compliance.
Summary
If you are comfortable with the potential risks of costs esca- Alternatively, with the investment of just a little bit of time,
lating, speed being restricted, audit trails lacking and hav- effort and money into an MFT solution, the risks mentioned
ing no notion of compliance, then go-ahead and utilise what above can be easily mitigated against when exchanging
is already available to you by way of FTP and shared storage. subsidiary data.
7
S C E N A R I O S
In reality this means providing a method for insurance information numerous times (often due to poor process/
companies and police forces to obtain the recorded evidence form design), not knowing where their claim is in terms
stored on peoples’ mobile devices. Such evidence would of progress through the system etc. For those insurance
typically consist of still pictures, videos, written descriptive companies and police forces that embrace digitalization,
words, GPS location data etc. This needs to ultimately end-up there stands a higher chance of improving the quality of
in the hands of the insurance companies and police forces so service provided. However, if they elect to do this by trying
that it can be processed accordingly as shown in Figure 7. This to utilize existing technology that is already in place, there
is otherwise known as human-to-system file transfer. may very well turn-out to be problems as illustrated below.
Customers Insurance Companies
Both the insurance industry and police forces are generally General Public Police Forces
binary when it comes to appetite for embracing new
technology. That is, they tend to either be technology JPG JPG
adverse OR they are all in for digitalization wherever
possible. For those that prefer to remain paper/process
based, this will ultimately lead to customer dissatisfaction
MOV MOV
for a number of reasons, e.g. having to wait for seemingly
inordinate amounts of time for claims to be processed
(let alone payments made), having to provide the same Figure 7 – Human-to-System File Transfer
This is a situation very similar to that illustrated in Business company or police force. This is all rather long-winded and
Scenario #1: New Product Development on page 4. That is, too technical for the average customer and member of the
the first attempted method of transfer will involve the user public. Also, there will be concerns that highly sensitive
trying to e-mail the evidence from their mobile device to a evidence will be stored on the service providers’ servers, of
generic e-mail address for the insurance company or police which the geo-location of data cannot be restricted.
force. To re-cap, not only is e-mail sent in the clear but the
e-mail server limit will most likely restrict the amount of x security x simplicity
JPG JPG
evidence that can be sent – not a good situation. File sharing
@
apps. such as DropBox and Hightail will most probably then
be turned to as they have a much higher threshold in terms
of data volume. The problem however is that the user will MOV MOV
have to download and install (if they haven’t already) an x speed x control
app, register an account, upload the information to their
storage area, and then make it available to the insurance Figure 8 – Existing Technologies and their Associated Risks
8
Recommended Solution: Managed File Transfer (MFT)
With MFT, a freely available app can be given to users and General Public Police Forces
members of the public that guides/prompts the user through
the whole process of securely sharing the captured evidence security Idoc DAT simplicity
on their mobile device with their insurance company or local
police force. This not only takes the onus away from the user
in having to figure out their own way of sending the evidence,
but also ensures that no details are missed during a time SQL MFT TXT
when the user may not be thinking clearly owing to highly speed control
stressful situations, e. g. being involved in a vehicle accident,
witnessing a crime in progress etc. Figure 9 – Benefits of MFT for Human-to-System Significant Event Reporting
Security x E
-Mail is sent in the clear, i.e. it is not encrypted. Evidence is sent across a secure channel from
This makes it incredibly easy for information to directly within the app.
be gleaned should e-mails be intercepted.
x The average user will not have the technical A simple to use single app ensures the user
capability to download, install, register, and submits all necessary elements of evidence
Simplicity use a file sharing service app such as DropBox, with the minimum of complexity.
Hightail etc.
x E
very minute wasted in submitting evidence No time is wasted in the user having to figure-
Speed ultimately affects the quality of service. In the out their own method for sending evidence.
case of crime reporting this can be critical to Additionally, pre-registering users on the app
catching the perpetrators of crime. saves time by them not having to enter their
credentials.
x
With the use of file sharing service apps. such The app enables complete in-house control of
as DropBox, Hightail etc., highly sensitive data potentially highly sensitive data, meaning the
Control
is no longer under the control of the insurance risk of it being stored on third party file sharing
company or police force. servers (where data cannot be geographically
restricted) is negated.
Summary
If running the risk of security being compromised, simplicity sharing services. Alternatively, with the investment of just a
being abandoned, speed being restricted and control being little bit of time, effort and money into an MFT solution, the
relinquished is acceptable to you, then go-ahead and utilise risks mentioned can be easily mitigated against.
what is already available by way of regular e-mail and file
9
C U S T OM E R S U C ESS S TO R I ES
The objective of BSH was to complete the new set up of the entire file transfer process with external development
partners to a single solution from one source within the framework of a PDM/PLM consolidation. During this process,
factors such as future security, modern interfaces and up-to-date technologies were to be taken into account. At the
end of the decision making process, SEEBURGER‘s MFT solution was chosen as best fit.
“With the new, future-proof software, everything is provided from one single source. BSH has also been able to make
significant savings due to the phasing out of the old ad-hoc transfer solution.”
Raiffeisen Informatik chose SEEBURGER‘s MFT for its highly configurable technology and comprehensive technical
capabilities to add to its customer-friendly service offering for its banking and insurance customers.
“In addition to providing an easy to use service and the technical specifications needed, SEEBURGER also offers a
flexible licensing model based on actual usage of the service. This means our customers are using a high value, lower
cost service.”
Johannes Freudl, Team Leader – Managed File Transfer, Raiffeisen Informatik GmbH
> Read more
AllianderAlliander N.V. – leading distributer of energy such as electricity, (bio)gas and heat
“We evaluated seven different MFT platforms before selecting SEEBURGER. Within Alliander we saw resistance to using
an MFT platform in the beginning – because NAS shares are so easy to implement. Today we see an understanding for
Managed File Transfer and it’s now a prerequisite for every project.”
10
S U M M A R Y
We hope that you found this paper informative and will use
it as motivation to change the file transfer landscape within
your organisation for the better (no matter which vendor you
choose to embark upon your MFT journey with).
11
www.seeburger.com
www.seeburger.com/global-offices
01/2019 © SEEBURGER AG