Muthoga Kioni
As we become more reliant on information technology for business and individual purposes, it is important we re-examine how we transfer data from one place to another.
You are most likely using a flash disk to transfer data from your laptop to your office desktop. For companies, the process has to be achieved in the most cost effective and secure way. File transfer is, therefore, a technological security component that cannot be ignored.
Data has become an asset and this is best illustrated by financial firms. A while ago, a bank head office, for instance, would obtain and exchange ledgers, statements and other documents with its far flung branches. These records are today sent as electronic files online. Your ATM, credit/debit card and e-banking transactions are now authenticated and validated online. The data is valuable to the bank and customers.
The same painstaking security procedures that used to be applied when transferring sensitive corporate files need to be employed to digital data transfers.
The advent of telecommuting and remote working has given many more employees in Kenya access to vast amounts of data. They can view, amend, upload and download data to their company servers from anywhere in the country. Using File Transfer Protocol (FTP) servers to transfer large files is the most common way to transfer.
Audit trails
Unfortunately FTP was designed when security was not a primary concern. It’s main drawback is that simple FTP cannot provide audit trails. FTP has enhanced offshoots such as, Secure File Transfer Protocol and Encrypted File Transfer Protocol. They do address security but need specialist programs installed on users’ desktops; adding overheads for IT departments.
Organisations need to employ data transfer technology that uses encryption, is capable of authenticating the recipient, manages each file transfer, is simple to install and cost effective. These technologies are in the market and can send or receive folders of upto 60GB securely. They have minimal impact on IT resources and are simple to install. A more crucial characteristic is that their audit trails must meet the security and compliance standards of Sarbanes-Oxley, COSO and other global ICT regulations.
Various companies in Kenya are progressively appreciating their reliance on information for their success. The importance of secure file transfer cannot be understated. It has become a core business process used by leading local organisations to run, maintain and manage their operations.
The writer is an ICT Security and Forensic Specialist. Email: bmuthoga@hotmail.com