Are You Avoiding These Top 10 File Transfer Risks?


Today's Agenda
1. Introduction
2. 10 Common File Transfer Risks
3. Brief GoAnywhere MFT Overview
4. Question & Answer

HelpSystems Corporate Overview. All rights reserved.

Today's Presenter: Rick Elliott, Lead Solutions Consultant, HelpSystems

Introduction

Have you ever caught yourself saying...?
- "We don't have an IT department, so I FTP from my desktop."
- "We're a small/medium sized company; we don't have to worry about these things."
- "We're a large corporation; I'm pretty sure we have this covered."
- "It's OK, our network administrators will take care of this."
- "It's OK, our system administrators will take care of this."
- "We've never been hacked!"

Some data breach statistics
- According to the Identity Theft Resource Center, there were 1,093 data breaches in 2016, which was a 40% increase over 2015.
- Worldwide spending on security-related hardware, software, and services rose to $73.7 billion in 2016 from $68.2 billion a year earlier. (Source: Bloomberg Technology)

Still think you aren't vulnerable?
- Do you have a password guessing feature on your FTP server? Is it activated?
- Do you force password changes on a regular interval?
- Do you have DoS and Brute-Force features? Are they enabled?
- Do you have Malicious Name features? Are they enabled?
- Is your Anonymous functionality disabled?
- Do you have password intelligence built in?
- Do you utilize 2-Factor Authentication?
- Is your MFT Server old?
- Do you use Freeware?

The elephant(s) in the room
- Reports of Tens of Thousands and sometimes Millions of points stolen and used for fraudulent bookings.
- 1.5 Million records leaked. Official statement from ESEA was that the hacker requested $100,000 ransom.
- EVERY SINGLE ACCOUNT WAS HACKED: 3 Billion!
- 40 Million Instances of Credit and Debit Card Information were stolen!
- 143 Million Americans' information was exposed!

Are you SURE?

Risk #1: Giving away user IDs and passwords via FTP transfers

Risks:
- FTP isn't a secure transfer protocol.
- User credentials aren't encrypted in FTP transfers; they're sent in the clear.
- This data can be sniffed and stolen during transit.

Solutions:
- Use secure protocols like SFTP, OpenPGP, FTPS, HTTPS/AS2.
- Always ensure user IDs and passwords are encrypted, even at rest!
- Never store your user IDs and passwords on your local computer.
- Always disable the Anonymous account!
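The two checks in Risk #1 (no password sent before encryption is in place, Anonymous disabled) can be audited from an FTP server's command log. The following is an added example, not part of the original presentation or of GoAnywhere; the log format, the `audit` function and the sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample log (not from the page): "<session> <C|S> <line>",
# C = client command, S = server reply. Passwords are already masked.
SAMPLE_LOG = """\
s1 C USER alice
s1 C PASS ****
s1 S 230 Login successful
s2 C AUTH TLS
s2 S 234 Proceed with negotiation
s2 C USER bob
s2 C PASS ****
s2 S 230 Login successful
s3 C USER anonymous
s3 C PASS guest@example.invalid
s3 S 230 Login successful
s4 C AUTH TLS
s4 S 504 Security mechanism not implemented
s4 C USER carol
s4 C PASS ****
s4 S 530 Login incorrect
"""

ANONYMOUS_NAMES = {"anonymous", "ftp"}


def audit(log_text):
    """Return {session: sorted list of findings} for risky sessions only."""
    state = defaultdict(lambda: {"tls": False, "last": "", "user": ""})
    findings = defaultdict(set)
    for raw in log_text.splitlines():
        parts = raw.split(None, 2)
        if len(parts) < 3:
            continue  # skip malformed or empty lines
        sid, direction, line = parts
        st = state[sid]
        verb, _, arg = line.partition(" ")
        if direction == "C":
            st["last"] = verb.upper()
            if st["last"] == "USER":
                st["user"] = arg.strip().lower()
            elif st["last"] == "PASS" and not st["tls"]:
                # Password crossed the wire before TLS was established.
                findings[sid].add("cleartext-credentials")
        elif verb == "234" and st["last"] == "AUTH":
            st["tls"] = True  # only a 234 reply means TLS really started
        elif verb == "230" and st["user"] in ANONYMOUS_NAMES:
            findings[sid].add("anonymous-login-accepted")
    return {sid: sorted(f) for sid, f in findings.items()}
```

Session s4 is the case worth noticing: the client asked for TLS, the server refused, and the login went ahead in the clear, so a server that merely offers FTPS without requiring it still exposes credentials.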

Risk #2: Sending unsecured plain text emails

Risks:
- Communicating sensitive data through email.
- Storing email data on Exchange Servers.
- Sending emails to the wrong address.

Solutions:
- Utilize a Secure Mail Server.
- Don't allow sensitive data to be kept in the Exchange Server.
- Take advantage of encrypted file storage retrieval with password access.

Risk #3: Exposing data to the DMZ (Demilitarized Zone)

Risks:
- Files are often temporarily stored in the DMZ by trading partners.
- These files are at a higher risk of being accessed by hackers.
- The DMZ is more exposed to the internet.
- Using the DMZ can require the use of manual scripts. This = more vulnerabilities.

Solutions:
- Install a Reverse Proxy Gateway.
- Keep all data inside your private network.
- Only allow access upon user authentication.
- NEVER store data on a DMZ Server!

Risk #4: Having open ports in your network

Risks:
- Inbound firewall rules allow hackers to gain basic system access.
- This can allow them enough privileges to compromise your systems.
- This gives access to critical applications & services.
- This allows potential direct access to your production systems.

Solutions:
- Communicate through a reverse proxy.
- Don't allow inbound firewall rules from DMZ or Internet.
- Ensure you maintain PC firewalls and security patches.

Risk #5: Using your own proxy software

Risks:
- Often older technology
- Misleading or incorrect configurations
- Inbound and outbound port configurations required

Solutions:
- Use modernized reverse proxy technology.
- Maintain proxy control within your Private Network, not in the DMZ.
- Don't have inbound ports into the Private Network.

Risk #6: Writing and maintaining scripts

Risks:
- Manual scripts prone to human error
- Replicated and duplicated scripts
- Time-consuming to track down and fix problems
- No centralized auditing and alerting
- Lack of security mandates and compliance reporting

Solutions:
- Use centralized and generic role-based scripting solutions.
- Receive automated notifications from error handling routines.
- Implement detailed logging and auditing functionality to support compliancy and federal, state, and local mandates.

Risk #7: Using free, outdated PC applications

Risks:
- Dedicated personnel are needed for administration.
- There's an assumption of mandate and compliancy regulation reporting.
- They're dependent on community advice and reporting for issues, bugs, and updates.

Solutions:
- Use certified security software with administration, training, and education.
- These solutions are trusted, with certified compliancy and mandate reporting.
- They are regularly updated and include feature-rich product enhancements.

Risk #8: Not having proper key and certificate management

Risks:
- This opens the door to your system for anyone to get access.
- Stolen user IDs and passwords can be utilized by anyone.
- Access to certificate or key authentication is compromised.
- Command line access to key management = vulnerable.

Solutions:
- Install a secured, encrypted key management system.
- Implement role-based and logged access to key or certificate updates.
- Use centralized access for all communication keys and certificates.

Risk #9: Lacking internal security controls

Risks:
Internal security controls are often overlooked. These include:
- Customer sign-ons
- Allowed IP addresses
- Automatic IP blacklists
- Unblocked brute-force attacks

Solution:
- Get granular with your cybersecurity.
- Build a secure infrastructure that allows communication with controlled access.

Risk #10: Not securing your system with the right permissions

Risks:
- Did you see what we've been talking about? Bueller? Bueller?? Anyone???
- YOU ARE VULNERABLE IF YOU USE FTP!

Solution:
- Just say no! Disable FTP!
- Use SFTP or FTPS or HTTPS/AS2 for communication security!

GoAnywhere MFT Overview

Secure your front door! GoAnywhere MFT allows you to communicate securely through your DMZ using NO inbound firewall rules into your private network. Round-Robin load balancing to a clustered installation provides High Availability and faster throughput!

Alternatives to FTP (internal & external): Agents

With GoAnywhere MFT agents, IT admins can:
- Enjoy centralized control of remote file transfers and workflows
- Create Agent Templates with registration rules to easily deploy Agents on a large scale
- Monitor remote locations for new, modified and deleted files on the system

Alternative to secure data in Exchange: Secure Mail

The Secure Mail module in GoAnywhere MFT allows your employees to send messages and files as secure "packages" on an ad-hoc basis. Recipients will get an email with a unique link to each package, allowing them to download the message and files through a secure HTTPS connection. This is a great alternative to regular email since there are no file size or file type restrictions. Includes Outlook Plugin!

Alternatives to FTP: Secure Forms

Secure Forms allow end-users to fill out custom forms with one or more input values and (optionally) upload files through the HTTPS Web Client in GoAnywhere, or submit forms by making SOAP or REST requests from your custom-built applications. When a form is submitted, a Project in GoAnywhere is executed to automatically process the submitted values and files.

Question & Answer

Thank you for joining us! New to GoAnywhere? Download our free 30-day trial at www.goanywhere.com/trial. Contact us with any questions! goanywhere.sales@helpsystems.com Toll-free 1-800-949-4696 Direct (402) 944-4242