COVID-19病毒的爆发,使得远程文件、数据传输的需求激增。
与此同时,在大数据、云计算等IT新业态的环境下,传统的文件管理、传输、共享软件,在网络安全、数据泄露、带宽需求、非结构化数据传输方面,又难以全面兼顾。
SmartDataCollective的编辑Brad Lowrey敏锐洞察到这点,他根据行业专家Stewart Harper撰写的——关于公司在尝试将大数据迁移到云时面临的问题,探讨了大数据是如何从根本上改变文件传输安全。
主要观点是:大数据是文件共享技术的未来,以及在设计大数据文件传输策略并为组织选择文件传输解决方案时,需要特别注意的11大事项(以下内容是原文和译文)。
File transfer security has become a major concern for many organizations thanks to increased cyber security threats, sky rocketing costs associated with data breaches, as well as more compliance standards and privacy requirements (e.g., HIPAA, PCI DSS , Sarbanes-Oxley , Gramm-Leach- Bliley.)
Due to COVID-19 the number of employees working remotely has exploded. This creates acyber threat with employees sharing potentially sensitive data from their home offices. As such, they need a file transfer solution that can handle the movement of large files around the world and comply with various security standards without putting a strain on their IT resources.
Meanwhile, companies are realizing that their legacy file transfer solutions, such as FTP, are lacking the capacity and security measures they need to stay compliant and competitive. These basic file transfer tools don’t have the flexibility for handling multiple sources and targets, nor can they support business-to-business interactions among partners, vendors and suppliers.
These legacy systems often don’t include provisions for data encryption. Sensitive data is easily exposed in transit , making it a prime target for cyber criminals.
译文:频繁发生的网络安全威胁事件、数据泄露造成的成本飙升和越来越严格的合规性标准与隐私要求(如HIPAA、PCI DSS、Sarbanes-Oxley、Gramm-Leach-Bliley),使得文件传输安全已成为许多组织关注的主要问题。
COVID-19病毒的爆发,迫使居家远程办公的人数飙升,员工在家里对工作文件进行共享和传输时,一些敏感的数据可能正在遭受网络安全的威胁。
为此,员工们需要一种安全的文件传输解决方案。该方案能够在世界范围内处理大型文件的传输并遵守各种安全标准,同时还不会对IT资源造成影响。
但是,这些公司正意识到,传统的文件传输方案(如FTP),缺乏保持合规性和竞争力所需要的容量和安全措施。这些基本的文件传输工具,不具备处理多源文件和目标的灵活性,也不能支持合作伙伴、供应商、支持者之间的业务交互。
另外,这些旧的系统通常不具备数据加密的功能,让敏感数据在传输过程中,很容易成为网络犯罪分子攻击的目标。
组织“文件传输策略”的11个注意事项
To stay competitive in today’s global business environment, you need a file transfer strategy that can scale up with your business without adding substantial costs.
Here are 11 key considerations when you are designing a big data file transfer strategy and selecting file transfer solutions for your organization :
译文:为了在全球业务环境中保持竞争力,组织需要能够随业务扩展且不需要大量额外成本投入的文件传输策略。
在设计大数据文件传输策略并为组织挑选文件传输解决方案时,有11个注意事项:
(1)Automate themovement of files between internal systems and partners or customers to minimize errors, delays, and bottlenecks.
(2)Use a solutionthat can reliably deliver files without manual checks. It should also minimize the need for extensive scripting to handle errors, file verification, and file transfer retries.
(3)Consolidate your organization’s file transfer, file sharing, and automation needs onto a single interface that can support a variety of transfer clients and protocols, such as browsers via HTTPS, e-mail attachments, and FTP/SFTP clients.
(4)Choose aflexible solution that can simplify, secure, and audit batch server-to-server file transfers, user-to-system ad-hoc file transfers, and person-to-person file collaboration.
(5)Look forautomation features that can run workflows with multi-step processes when you need to move, process and encrypt data. The software should also allow you to schedule transfer, as well as monitor every folder to see when a new file is added and process it immediately.
(6)Integrate yourfile transfer tool with as many numerous different applications as possible to streamline workflows and increase efficiency.
(7)Use a filetransfer solution that can create reports to facilitate regulatory compliance by consolidating audit details on file transfers across multiple systems.
(8)Achieve thehighest level of security by using a solution designed to meet federal standards and encrypt files both at rest and in motion.
(9)Encrypt anddecrypt files using the Open PGP standard while protecting file transmissionswith SFTP, SCP, FTPS, AS2, and HTTPS protocols.
(10)Enhance datamovement and exchange by using a file transfer solution that can connect tovarious types of servers. These include secure FTP servers that use SFTP, SCP or FTPS protocols, AS2 or HTTP(S) servers, standard FTP or email servers, aswell as local file systems.
(11)Integrate your file transfer software with cloud storage solutions, such as Box, Google Drive, and SharePoint for seamless workflows.
译文:(1)能够在内部系统、合作伙伴、客户之间自动传输文件,最大程度地减少错误、延迟和性能瓶颈。
(2)这个方案无需人工检查就可以安全传输文件,避免编写大量脚本用于处理文件错误、验证和传输重试等问题。
(3)将组织的文件传输、文件共享和自动化需求整合到一个界面上。该界面支持各种传输客户端和协议,譬如通过HTTPS、E-mail附件和FTP/SFTP客户端。
(4)该方案应具备灵活性,可以简化、保护、批量审核服务器之间的文件传输,及用户到系统的临时文件传输和员工之间的文件协同。
(5)当你需要移动、处理和加密数据时,这个软件可以在多步骤流程中,自动处理工作流程。它还允许你设置传输的时间,并监视每个文件夹,以查看文件更新情况并进行下一步的处理。
(6)这个文件传输工具能够兼容、集成不同应用程序,以简化工作流程并提高效率。
(7)文件传输解决方案应通过合并多个系统文件传输的审核详细信息来创建报告,以达到合规性。
(8)通过使用旨在满足联邦(国家)标准的解决方案,在静态和动态的状态下对文件进行加密,以实现最高级别的安全要求。
(9)能够使用OpenPGP标准对文件进行加密和解密,通过SFTP、SCP、FTPS、AS2和HTTPS协议保护文件传输。
(10)通过使用可以连接到各种服务器的文件传输解决方案来加强数据移动和交换,包括使用SFTP、SCP或FTPS协议的安全FTP服务器、AS2或HTTP(S)服务器,标准FTP或电子邮件服务器以及本地文件系统。
(11)能够将文件传输软件与Box、Google Drive和SharePoint等云存储解决方案集成,以满足无缝的工作流程。
One more thing:数据容灾更重要
不管是异地远程的数据传输,还是企业数据的迁移上云。企业在大数据环境下,想要确保文件的成功传输和数据的安全保护,均需要将数据容灾的方案作为文件数据传输策略的重要部分。
英方拥有业界齐全的数据容灾方案,通过统一的数据管理平台i2UP,企业不仅能够实现对海量图片、视频、日志等非结构化数据,以及各类数据库(如Oracle、MySQL、SQLServer、GaussDB等)和大数据平台相关(Hadoop、Kafka、Kudu等)的数据/消息进行实时数据同步、备份、CDP及容灾保护,且整个传输过程加密传输,安全可靠,可以从本地到同城、到异地或云端,支持物理机、各类虚拟机平台的迁移和保护。实现各类型文件/系统端到端的安全保护,避免网络攻击、误删、单一硬件设备故障造成的数据损坏和业务停止。
企业数字化在大数据环境下面临的挑战
一方面,大数据技术正在改变文件数据的处理和传输方式;另一方面,大数据技术的应用正在遭受来自黑客、自然灾害、人为破坏等的挑战。企业一旦出现重要数据的丢失、泄露和业务的停止,就会对自身的营收和声誉带来重大的损失。
企业需要了解这些潜在的威胁,并尽快找到合适、高效、安全的IT资产保护体系。