Accellion blog has moved!

You should be automatically redirected in 6 seconds. If not, visit
http://www.accellion.com/blog/
and update your bookmarks.

Friday, May 26, 2006

Happy CEO, Happy CIO, Happy End Users - a true story

CEO's are a special breed of end users - their time is too limited to deal with technology that does not work the very first time, and that includes user errors.

So, imagine the delight of a Chicago manufacturing firm CIO who deployed the Accellion secure file transfer solution and had the CEO become an early user.

This is a true story.

Knowles is in the precision manufacturing business with a global manufacturing footprint. After years of email, FTP, and overnight CD's, the CIO wants a secure file transfer infrastructure that does the following:

  • Business Security: built in security capabilities to fit end user processes

  • Minimum User Training: require minimum deployment planning and virtually no end user training

  • Technical Security: encrypted storage and transmission

  • Take Load Off Email: move the file transfer function away from the mail server

  • Minimum On-going IT Management: allow IT resources to focus on other priorities

Accellion Courier Secure File Transfer Appliance SFTA was selected. Fast forward a few months.

This is what the CIO said on the impact on IT, "[it] allows me to address our security needs without hassle and lets me deploy my limited IT resources to other priorities."

And he thinks it is easy for end users, like the CEO. "The appliance has become an integral part of our processes with senior management regularly using the system to exchange confidential information," said the CIO.

Like I said last time, the real art in implementing a secure file transfer framework is on how to do it without killing the IT staff or inciting end user riots. And the Knowles case is a real masterpiece. (You can click here to read the Knowles experience. Warning: you are required to enter some basic information to get to the file. Sorry.)

Post script: Knowles was later acquired by Dover Corporation for US$750 million. I've heard that Accellion SFTA played a small part in facilitating a smooth transaction.

So, what does SFTA do beyond providing secure file transfer? Boy, am I glad that you asked.

ACA-Guy

Friday, May 19, 2006

Four (or more) ways of slicing Secure File Transfer

Since I broached the subject of Secure File Transfer in the last posting, please indulge me with a quick discussion on what it is in the context of organizational processes.

As a starter, File Transfer is pretty straight forward - getting a packaged data, in form factor ranging from a simple text file to a multi-GB folder containing multiple files in complex sub-directory hierarchy relationship, from point A to point B electronically.

Secure, on the other hand, is the part that people have a wide range of opinions on.

Some people take a narrow view of security and only consider secure file transfer in technical terms. The considerations tend to focus on protocols and methods of encryption such as the use of SSL and SSH in flavors like HTTPS (HTTP over SSL) or SFTP.

My contention is that technical security is a necessary but insufficient condition - ability to be secure technically is just the table stake to be in the game, in other words. Why? Because technology does not operate in vacuum.

At the organizational level, there are three typical drivers for being Secure:

  • Regulatory and compliance requirements - think HIPAA and Sarbanes-Oxley (SOX) as the most recent and prominent examples.

  • Protect institutional assets such as intellectual property (IP) and confidential information - think of all the IP involved with the outsourced activities most organizations engage in these days.

  • Build and maintain a trusting relationship with outside stakeholders - I would hate to be the CitiFinancial representative to tell customers and partners that their information is lost.
Of course, like most things in life, after slicing Secure File Transfer at least four ways, the "fun" really starts with how to go about architecting a framework for a secure file transfer infrastructure that fits all the organizational requirements the over-stretched IT team can easily support and end users readily adopt.

That's the $64 question, as the saying goes.

Coming up next: how companies meet their Secure File Transfer requirements without killing the IT staff or inciting end user riot. (Hint: Secure File Transfer Appliance, SFTA.)

ACA-Guy

Wednesday, May 10, 2006

hello, world

Greetings! I'm very excited to have this opportunity to begin an open dialogue with you about the trends and issues of secure file transfer. Just like email has become a basic and ubiquitous building block of an enterprise's DNA, transferring (large) file securely has become a core business process in ways that nobody had envisioned just five years ago.

Raise your hands if this has happened to you.

  1. Received a notification from IT saying that you MUST clean up attached files in your inbox because it will reach its quota soon?

  2. Somebody complained to you that your data-and-graphic-rich presentation is being rejected by the recipient's email server as being too big?

  3. Made an IT administrator's face turn green by demanding a new FTP account be set up THIS INSTANT because you "need to share a critical file with an external user. Yesterday!" (Try not to do this since those IT types have long memories.)

I rest my case.

With this forum I hope to share best practices, compliance information, retention policies, ideas for storage management, security tips, and more in the context of getting the best ROI from your secure large file transfer infrastructure. You have an open invitation to tune in regularly and contribute to the discussions. Like the book The Wisdom of Crowds says, we can learn a lot from each other.

Just so you know where I'm coming from, I am the "marketing guy" at Accellion, I have a front row seat and back stage access on secure file transfer appliance as a new market. From its recent introduction as a new product category to the current rapid growth, this has been one heck of a show so far and things are just heating up!

Before Accellion, I've always been involved in various aspects of B2B space. I was a programmer, hence the tribute to Brian W. Kernighan's work on C programming in the title. I was a consultant, still refer to most airports by their three letter IATA code such as ORD for Chicago O'Hare. I was a product manager, coaxing new products and upgrades to walk out of the engineering lab into enterprise usage in the fields. And I can bear witness to the vicissitude of Silicon Valley - some uplifting, some banal, some pathetic, but always entertaining.

So, how do you send large file securely today?

ACA-Guy