Secure Transfer

The most important FTAPI® SecuTransfer security features at a glance

The fundamental security factors as your guide

Companies exchanging business data with customers and partners should at least use the following fundamental security factors as a guide:

• Encrypted transfer – All files are protected during the transfer („secure in motion“).
• Encrypted storage – In most cases files are cached for transfer on a server, where they are forwarded or are stored for being downloaded. This phase of caching usually takes the largest proportion of transfer time. Therefore a continuous file encryption is very imperative („secure at rest“).
• Suitable storage place – In addition to encryption, it is also relevant where files are stored. A suitable storage place can avoid that cached files get misused or deleted by third parties. Also legal issues can be countered by choosing a suitable server location. Therefore an in-house installation in a self-owned data center or at least in a private cloud should be preferred over a public cloud in most cases.
• Manipulation security – A secure system ensures the integrity of delivered files by detecting manipulation attempts and highlighting all changes.
• Compliance & traceability – A secure system ensures complete transparency and control of all transactions. It has to be audit proof to be able to trace which file was sent or received when by individual employees. Only then reliable evidence can be provided respectively the person responsible can be located in doubt.
• Recipient verification – It must be ensured that only an authorized recipient can download delivered files.

In addition to the technical security factors there is one more crucial requirement for the practical security of any file exchange system:
Your employees need to accept it! If the use of the solution is complex or time-consuming employees may rely on other sending methods and override all security rules.

Soft vs. strong encryption – a serious difference

If so far used systems claim that the transfer is encrypted and secure transfer is ensured, this is only half the truth. Many of these systems only use a so-called soft encryption. That means only the transfer channel is encrypted. The files themselves, however, are unencryptedly cached on a server which is reachable via the internet. Data remain there in plain text for several hours or even days. Although some providers advertise the encryption of files in another step on the server, which increases security only marginally. The break in encryption still remains. This fact is unacceptable for a continuous security architecture, which requires a so-called strong end-to-end encryption whereby all files themselves remain encrypted throughout the whole transfer.

.

With soft encryption only the transfer channels are encrypted. Thereby arises a security breach in caching the file. At this point disloyal administrators and employees as well as hackers can grab files relatively easy.

.

With strong encryption (end-to-end encryption) the file itself remains encrypted until it reaches the recipient. It is virtually impossible to grab and encrypt the files.

FTAPI® SecuTransfer is available as licensed server software for operation in your company or as dedicated hosted solution. Find prices and additional benefits in our product overview.

“Your data is one of the most valuable things in your company.
The currently used algorithm for simple file encryption
in companies all around the world is only secure for a limited time.
Ensure with FTAPI® that your data remains secure
up to thousand times longer.”

Stephan Niedermeier, CTO (FTAPI Software UG)