Managed file transfer
Managed file transfer ("MFT") refers to a software or a service that manages the secure transfer of data from one computer to another through a network (e.g., the Internet). MFT software is marketed to corporate enterprises as an alternative to using ad-hoc file transfer solutions, such as FTP, HTTP and others.
Typically, MFT offers a higher level of security and control than FTP. Features include reporting (e.g., notification of successful file transfers), non-repudiation, auditability, global visibility, automation of file transfer-related activities and processes, end-to-end security, and performance metrics/monitoring.
MFT applications are available as both on-premises licensed software packages and software-as-a-service ("SaaS"). Some are specially designed for enterprise use while others are for sale to individual consumers. A few enterprise-focused SaaS MFT providers also manage the additions of new trading partners, which can free up a lot of IT (Information Technology) resources.
MFT applications are characterized by having all or most of the following features:
- Support multiple file transfer protocols including FTP/S, OFTP, SFTP, SCP, AS2, and HTTP/S.
- Securely transfer files over public and private networks using encrypted file transfer protocols.
- Securely store files using multiple data encryption methods
- Automate file transfer processes between trading partners and exchanges including detection and handling of failed file transfers.
- Authenticate users against existing user repositories such as LDAP and Active Directory
- Integrate to existing applications using documented APIs (application programming interfaces)
- Generate detailed reports on user and file transfer activity.
Background
From its inception, FTP has made moving large volumes of bulk data between any two entities—including file servers, applications, and trading partners—possible. However, FTP (and other communication protocols such as HTTP and SMTP) do not, on their own, provide a way to secure or manage the payload or the transmission. Yet, regardless of the lack of security and management capabilities, many companies have continued to transport large batches of structured and unstructured data using these protocols.
This practice is changing, however. According to Gartner Research, "Organizations often use MFT solutions to replace FTP. This is due to increased focus on compliance, privacy regulations and corporate transparency — which demand increased auditing, management, security and process."[1]
Different flavors
While Managed File Transfer always recovers the same features—reporting (e.g., notification of successful file transfers), non-repudiation, auditability, global visibility, automation of file transfer-related activities and processes, end-to-end security, and performance metrics/monitoring—the way it is used has a major impact on the nature of the appropriate solution. Today analysts[2] and experts agree on 6 different usage patterns for MFT:
- Ad Hoc
- Accelerated Transfer or "Extreme" Transfer
- A2A (Administrative-2-Administration)
- B2B
- Cloud
- SOA
All are defined by their own markers and require different methods.
Future
As more and more companies decide that FTP is inappropriate for secure file transfer,[1] Managed File Transfer is beginning to be perceived as a necessity, not an option.[3]
Challenges for MFT systems include:
- adaptability to the wide variety of business and technical requirements for file transfers within a wide variety of organizations
- scalability: the ability for the capacity of MFT systems to expand along with an organization's growth
- SaaS model adaptability.
References
- 1 2 "FTP Replacement: Where MFT Makes Sense and Why You Should Care". 8 November 2010.
- ↑ "What MFT Is, and How It Applies to You". 14 June 2011.
- ↑ Woodie, Alex (2 September 2009). "Managed File Transfer: A New Product Category That's Here to Stay". IT Jungle-Four Hundred Stuff.