Welcome!

Hugh Garber

Subscribe to Hugh Garber: eMailAlertsEmail Alerts
Get Hugh Garber via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Blog Feed Post

Encryption: Transport versus File

This morning I was asked if I recommended using transport encryption or file encryption to protect company files and data.

My answer:  “Use both of them, together!”

For starters, here’s a real quick summary of both encryption types:

  • Transport encryption (“data-in-transit”) protects the file as it travels over protocols such as FTPS (SSL), SFTP (SSH) and HTTPS.  Leading solutions use encryption strengths up to 256-bit.
  • File encryption (“data-at-rest”) encrypts an individual file so that if it ever ended up in someone else’s possession, they couldn’t open it or see the contents.  PGP is commonly used to encrypt files.

I believe that using both together provides a double-layer of protection.  The transport protects the files as they are moving…. And the PGP protects the file itself, especially important after it’s been moved and is sitting on a server, laptop, USB drive, smartphone or anywhere else.

Here’s an analogy:  Think of transport encryption as an armored truck that’s transporting money from say a retail store to a bank.  99.999% of the time that armored Brinks truck will securely transport your delivery without any incident.  But adding a second layer of protection – say you put the money in a safe before putting it in the truck – reduces the chance of compromise exponentially, both during and after transport.

One last piece of advice:  Ensure that your organization has stopped using the FTP protocol for transferring any type of confidential, private or sensitive information.  Although it’s an amazing accomplishment that FTP is still functional after 40 years, please please please realize that FTP is does not provide any encryption or guaranteed delivery – not to mention that tactically deployed FTP servers scattered throughout your organization lack the visibility, management and enforcement capabilities that modern Managed File Transfer solutions deploy.

Related posts:

  1. MFT Is the Unsung Security and Compliance Solution
  2. 800,000 Reasons Why MFT is Important
  3. Takeaways from Verizon’s 2011 Data Breach Investigations Report

Read the original blog entry...

More Stories By Hugh Garber

Hugh Garber is the Senior Product Marketing Manager at Ipswitch, responsible for leading the product marketing, segmentation, and messaging efforts for the company’s secure and managed file transfer solutions. He is also an avid Ipswitch blogger, conveying his views with humor and a sharp edge. With two decades of experience crafting messaging, launching products and enabling sales teams, Hugh brings a wide range of knowledge and creativity to the Ipswitch File Transfer team.

Prior to Ipswitch File Transfer, Hugh held product management, marketing and consulting positions in the retail, telecommunications and Internet services industries. Hugh received his BBA from the University of Massachusetts, and his MBA from Emory University.

In Hugh’s spare time he loves to spend time with his wife and two sons. When he’s not reading Dr. Seuss books and building train tracks with his boys, you can find him either devouring chocolate peanut butter ice cream, experiencing frustration on the golf course, or pretending to know how to use his power tools.