How well do you know your partner?
by Calum Macleod - European Director of Cyber-Ark Software - Tuesday, 7 June 2005.
Data must be protected from deletion and tampering - The protection of data by encryption is simply one part of the problem. Files may be accidentally or intentionally deleted or changed. Additionally you need to ensure that data cannot be tampered with.

Ensure that you are able to audit and monitor all activities Comprehensive auditing and monitoring capabilities are essential for security for several reasons. First, it allows the enterprise to ensure that its policy is being carried out. Secondly, it provides the owner of the information with the ability to track the usage of its data. Thirdly, it is a major deterrent for potential abusers, knowing that tamper-proof auditing and monitoring can help in identification. Finally, it provides the security administrator with tools to examine the security infrastructure, verify its correct implementation and expose inadequate or unauthorized usage.

End-to-End network protection - Security must also be maintained while the data is being transported over the public network. The process of transferring data must be in itself secure, and there are several factors that influence the overall security of data transmission. As data transfer is an essential part of a larger business process, it is critical to be able to validate that this step in the process was executed correctly. This requires the solution to provide auditing features, data integrity verification and guaranteed delivery options. Transmitted data should be automatically digitally signed, thus ensuring the data delivery is complete and un-tampered.

Performance is a major issue in many networks, especially when using the Internet where Service Levels are difficult to guarantee. When large volumes of data and a high number of recipients are high, it is critical to ensure that performance is optimized. Compression should be deployed to reduce file size, and since network availability and reliability may disrupt the transfer process, automatic resume from the last successful checkpoint should also be a standard feature.

Ease of Integration with existing business processes - File transfer is usually part of a larger business process and needs to integrate seamlessly. This demands the ability to automate the file transfer process and thus integrate it with the existing business processes. In order to make this integration as simple and as seamless as possible, the file transfer solution must have extremely flexible and diverse interface, providing transparent integration. This also minimizes the amount of human intervention, and as a result can improve overall security by reducing the possibility of tampering with your data.


101,000 US taxpayers affected by automated attack on IRS app

The IRS has revealed more details about an attack it suffered last month, mounted by unknown individuals with the aim to file fraudulent tax returns and funnel the returned money to their own bank accounts.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Feb 10th