What is Managed file transfer (MFT)?
Managed file transfer is a category of solutions that enable secure, centrally managed, regulatory-compliant, automated, reliable and efficient data movement. An MFT solution can support a full range of file transfer needs — from user-initiated file transfers and multi-user file sharing to automated business-to-business (B2B) data exchanges. It’s essentially an all-in-one solution that caters to organizations looking to simplify increasingly complex data transfer workflows.
Once you’re done reading this post, you’ll understand the key drivers, attributes, benefits and use cases of MFT solutions.
MFT drivers: Why traditional file transfer software can’t meet business needs
In many industries, data transfers are no longer as simple as moving files from point A to point B. They’ve become increasingly complex, requiring heightened levels of adaptability, security, efficiency, reliability and scalability.
Rising complexity of file transfer workflows
Many of your business processes now involve a staggering amount of data. Although dependent on the type of business you’re in, this data is often obtained from a variety of sources, including on-premises business applications, cloud services and even non-traditional off-site platforms, like a fleet of oil rigs.
Once obtained, portions of that data must be moved to other business units and trading partners, some of which are located in distant cities or even on other continents.
File movements usually have to follow a specific schedule or respond to certain events, like the completion of a particular process. While most of these schedules and events take place during the day, some occur after regular office hours.
Not only that, different trading partners typically require different file transfer protocols. While many have started to adopt advanced protocols like Applicability Statement 2 (AS2) or Odette File Transfer Protocol (OFTP) to support Electronic Data Interchange (EDI), some partners are still stuck with legacy solutions, like standard File Transfer Protocol (FTP). To ensure interoperability across the board, your system has to be capable of supporting all these protocols.
In addition to automated B2B file transfers, organizations also have to deal with end user-initiated ad-hoc file transfers and file-sharing use cases. To address all these different data transfer/data sharing use cases, organizations often turn to multiple solutions. Sadly, a multi-solution approach not only worsens complexity but also makes other business needs, like security and regulatory compliance, more difficult to address.
Increased demand for regulatory-compliant and secure file transfers
A significant part of the data you share with end users, distribute among business units or transmit to your trading partners sometimes includes personal information, financial data, intellectual property and other sensitive data. If you don’t secure that data, you’ll be susceptible to fraudulent transactions, data breaches and other cyber incidents.
In today’s business environments, cyber incidents can be costly. A data breach, for instance, can result in lawsuits, reputational damage and onerous fines and penalties from regulatory bodies. Depending on the industry, country or region you’re operating in, you could be subjected to multiple data privacy/protection laws and regulations like:
- Healthcare Insurance Portability and Accountability Act (HIPAA)
- Payment Card Industry Data Security Standard (PCI DSS)
- General Data Protection Regulation (GDPR)
- Sarbanes Oxley (SOX) Act
- and many others
Some of these laws, like HIPAA and SOX, impose severe penalties on C-level executives, directors and employees. Thus, if you hold a position impacted by these legislations, you have to be more deliberate in securing your data transfers.
You can’t do that with traditional file transfer solutions like an FTP server. Even if you use a Secure File Transfer Protocol (SFTP) server, you still have to tack on several security mechanisms and even entire third-party solutions to achieve regulatory compliance or an acceptable level of protection.
Growing need for cost-efficient, reliable and scalable file transfer systems
As if meeting complex data transfer needs and regulatory requirements was not enough, most IT managers are tasked to meet all those needs on a grossly limited budget. So, if you’re thinking of putting together disparate solutions through complex integrations and scripts, you have to go back to the drawing board.
That strategy is fraught with risks and prone to failure. You’ll only end up spending much more due to integration, customization, administrative, maintenance and troubleshooting costs.
When your file transfer system fails, it’s not only your organization that suffers. As file transfer workflows often involve other parties, any downtime at your end can have a knock-on effect on other businesses in your supply chain. This can have serious implications on your SLAs and your ability to meet industry standards. If trading partners don’t find your system reliable enough, they could seek business elsewhere.
Since many business processes are now accompanied by a deluge of data, many file transfer systems get overloaded due to excessively large file transfers and high-volume traffic. To avoid workload-induced system failures, your file transfer solution has to possess enough scalability to support these data-intensive workflows.
All these needs can be met by a single solution — managed file transfer.
Key attributes and benefits of a managed file transfer solution
A good MFT solution has all the qualities needed to address every single challenge discussed earlier. Allow us to elaborate.
Supports FTP, SFTP and other file transfer protocols
Let’s start with one of the basic attributes of MFT. All MFT solutions support multiple file transfer protocols. This typically includes:
- Standard FTP: Although now considered insecure, FTP is mainly offered to support file transfer operations with legacy systems.
- File Transfer Protocol Secure (FTPS): The secure version of FTP, FTPS derives its security features from Secure Sockets Layer/Transport Layer Security (SSL/TLS), the same cryptographic protocol used by secure websites.
- SSH File Transfer Protocol (SFTP): Also known as Secure File Transfer Protocol, SFTP derives its security features from Secure Shell (SSH).
- AS2: A secure protocol specifically designed to support EDI exchanges. It’s popular in the retail, healthcare, manufacturing, finance and banking, automotive and logistics industries.
- OFTP: Although it’s most commonly used in the automotive industry, OFTP has also found its way in other industries that exchange EDI data.
- Hypertext Transfer Protocol (HTTP): This protocol is mainly used to support web browser-based file transfers.
- HTTP Secure (HTTPS): This is the secure version of HTTPS.
- and many others.
The ability to support multiple protocols has profound implications from an interoperability standpoint. It allows you to transact with almost any trading partner regardless of their choice of file transfer protocol or solution.
Centralizes and simplifies file transfer workflow management and monitoring
An MFT solution is designed to tackle any kind of data transfer task, whether it’s a manual user-initiated file transfer, multi-user file sharing or an automated B2B EDI data exchange. All tasks are managed and monitored from a single pane of glass, giving you complete control and visibility of all your workflows.
From an MFT solution’s centralized administrative console, you can:
- Create file transfer services,
- Build automated file transfer workflows,
- Control user access and permissions,
- Configure security settings,
- Integrate with other services and applications,
- Connect to trading partners,
- Monitor file transfer activity
- Perform a variety of other administrative tasks pertinent to your file transfer workflows.
By combining all file transfer tasks into a single solution, MFT greatly simplifies a large part of your business processes. This, in turn, can free up IT staff and significantly reduce costs associated with data transfer workflow setup, management, maintenance and monitoring.
Enables data security and meets compliance requirements
In order to achieve regulatory compliance using traditional file transfer solutions like standalone FTP servers or even SFTP servers, you’d have to integrate them with other security tools. For instance, if you want to add data-at-rest encryption functionality, a key requirement in HIPAA and PCI DSS, you have to integrate a third-party encryption tool like Symantec PGP or GnuPGP.
This approach entails complicated integration and customization efforts. Also, since your SFTP server and your encryption tool are two separate software, you’d have to troubleshoot them independently and contact two separate vendor tech support teams if an issue arises.
We’re just talking about one security feature, data-at-rest encryption. Corporate security policies and data privacy/protection regulations require several security controls to protect sensitive information. These requirements typically include authentication, audit trails, end-to-end encryption, access control and many others.
Some institutions, like the United States military and other US government agencies, even require specific cryptographic algorithms and strengths in accordance with FIPS 140-2.
With MFT, you can meet multiple security requirements with just one solution. A single MFT solution should readily support multiple secure protocols and security controls. Some MFT solutions even allow you to customize your security levels down to specific cryptographic elements, like say cipher suites using AES-256.
Through their comprehensive selection of security features, MFT solutions enable you to meet stringent security policies and regulatory requirements with ease. The following articles illustrate just how capable an MFT solution can be in meeting multiple regulatory requirements:
Automates and streamlines file transfer processes
Today’s B2B data exchanges are rarely ever carried out through manual processes. But to set up automated data transfers using traditional file transfer solutions, you need to write complex scripts and, again, perform system integrations.
It’s much easier to set up business process automation through MFT solutions. Firstly, MFT solutions have built-in low-code or even no-code workflow automation builders that simplify and speed up the process of creating data transfer workflows. Secondly, MFT solutions have built-in APIs and connectors that make it easy to integrate with an array of network and cloud-based services and applications.
By leveraging these two MFT capabilities, you can eliminate manual methods and achieve fast, efficient, timely and error-free business processes in just a few clicks. Here are a few examples that illustrate what we mean:
- How To automate an SFTP file transfer
- How To Copy Files From Azure Blob Storage To AWS S3
- Benefits of a Scheduled File Transfer and How To Set One Up
- 10 Tasks Your File Transfer Server Should Be Doing On Its Own This Weekend
MFT software solution deployment options
Most MFT solutions can be deployed on-premises and on cloud infrastructure. Let’s briefly discuss the advantages of each of these deployment choices.
On-premises MFT deployments
Unless you’re a cloud-first organization, a big part of your IT infrastructure is likely located on-premises. So, when you also deploy an MFT solution on-premises, that solution will operate in close proximity to your other applications and databases. Not only will that proximity make it easier for you to perform system integrations and set up automated file transfer workflows, but it can also lead to faster data movement between systems.
Another advantage of an on-premises deployment is that files received by your MFT solution can immediately be stored locally upon arrival. This is highly beneficial from a privacy standpoint.
Cloud MFT deployments
Since cloud deployments don’t require hardware, you can bring down capital expenditure (CAPEX) by taking this option. In addition, you can also take advantage of the scalability, flexibility and global reach offered by major public cloud providers.
It’s worth noting that some MFT vendors offer what’s known as MFTaaS, an MFT solution offered under a Software-as-a-Service (SaaS) model. In this model, you don’t have to worry about deploying and maintaining your MFT solution. Your MFT provider will take care of all the heavy lifting for you.
Hybrid cloud MFT deployments
Another MFT deployment option is to place one or more MFT instances on-premises and one or more instances in the cloud (or subscribe to a MFTaaS service). This setup will allow you to enjoy the best of both worlds. Your on-premises MFT instances can benefit from the privacy and tight integration that an on-premises deployment affords, while your cloud-based MFT instances can take advantage of the cost savings, scalability, flexibility and global reach of the public cloud.
Sample managed file transfer use cases
Let's now dive into two sample use cases illustrating how organizations leverage MFT to transact with different trading partners, support operational efficiency, maintain high availability and safeguard sensitive information. These use cases showcase the versatility and value of MFT solutions in meeting the data transfer needs of modern organizations.
Supply chain automation with JSCAPE MFT
A multinational manufacturing company, XYZ Corp, operates in a global supply chain where it sources raw materials from multiple suppliers in different countries and distributes finished products to retailers and distributors around the globe. To streamline its corresponding EDI file exchanges with a diverse selection of modern and traditional file transfer systems, XYZ Corp uses JSCAPE MFT by Redwood.
JSCAPE MFT enables XYZ Corp to exchange digitized purchase orders, invoices, ship notices and other business documents with its trading partners. Most exchanges are carried out via AS2, but some are done through other protocols like FTPS or SFTP. JSCAPE MFT supports a wide range of protocols, so interoperability isn’t a problem.
In addition, JSCAPE MFT enables XYZ Corp to easily set up automated workflows through its no-code/low-code automation builder as well as manage and monitor those workflows through a centralized administrative web interface. This web interface allows server admins to manage JSCAPE MFT instances from a web browser running on a PC, laptop or tablet.
Lastly, JSCAPE MFT’s load balancing capabilities enable XYZ Corp to set up high availability clusters. These clusters in turn allow the file transfer operations to function reliably around-the-clock.
PCI DSS-compliant transmission of payment card data with JSCAPE MFT
Retail company SecureShoppers Inc. operates a chain of stores across the US. Since it transmits large volumes of credit card and debit card data daily, SecureShoppers is subject to PCI DSS regulatory requirements. To meet those requirements, they use JSCAPE MFT.
JSCAPE MFT provides all the security controls SecureShoppers needs to perform PCI DSS-compliant data transfers. JSCAPE MFT encrypts payment card data both while in transit and while stored on SecureShoppers’ servers. It also provides data loss prevention mechanisms for identifying and automatically encrypting payment card data.
JSCAPE MFT also works in tandem with JSCAPE MFT Gateway by Redwood, which acts as a reverse proxy that prevents direct public access between the internet and SecureShoppers’ internal network while still providing file transfer services.
JSCAPE also provides several other PCI DSS-required security controls, such as two-factor authentication, role-based access and audit logs, which, combined, ensure compliance with PCI DSS mandates.