A common denominator in the recent attacks on managed file transfer (MFT) software products that have affected hundreds of organizations and millions of individuals is the presence of an internet-facing administrative management dashboard. Generally speaking, configuring MFT software in this way is motivated by a desire to make it easier for employees, partners, and others in the file transfer chain to have access to the system to carry out their purposes. But as you might expect, that also makes it easier for threat actors to carry out their attacks.
That is why we’ve invested a lot of time, thought, experience, and resources into the development and continued improvement of a managed file transfer solution that uses a security-by-design approach. What’s more, while we do everything we can to ensure that our Diplomat MFT line of products are as secure as we can make them, we also make sure Diplomat MFT is easy to use without sacrificing security. The key here is found in the word “solution” versus product.
Product or Solution?
Point products are built to tackle specific tasks. Sometimes a product works well, gains market traction, and so the vendor adds complementary pieces to boost utility (and sales). In managed file transfer, that is often the case. Some of the biggest vendors in our industry started out by making SFTP servers and then tacking on MFT capabilities. (I know this is the case because I was the lead product engineer at one of the biggest MFT vendors out there.) From a business perspective that’s a smart thing to do since you can’t make a lot of money just selling an SFTP server.
But when you take that approach, you risk leaving some important aspects of performance and security behind. Coviant Software took a different route. We recognized that the real value in managed file transfer was in offering a powerful solution that starts with the idea that organizations need certain features, security, capacity, and automations that help them to keep vital business file moving safely from where they are stored to where they need to be. Back-office performance, security, and functionality shouldn’t be an afterthought, but the focus of managed file transfer.
The Best Combination
We talk a lot about our managed file transfer software, but it’s worth noting that, as a solution, Diplomat MFT boasts a lot of pieces that can get overlooked but are essential to why we have earned industry accolades and a passionate customer base. A key piece to that solution is our Edge Gateway.
As a part of the Diplomat MFT solution, our Edge Gateway gives organizations the best possible combination of streamlined administration, minimal threat vectors, and maximum security without complicating things for the user. Our Edge Gateway is an external-facing extension of the Diplomat MFT SFTP server. It is a smarter approach to the common reverse proxy concept other vendors use. This is because our Edge Gateway is installed in your DMZ on a hardened Windows Server or Linux system and with no access to any sensitive information, so that Diplomat MFT can determine how to instruct the Edge Gateway to interact with the external client, securely coordinating the movement of files and SFTP services between Diplomat MFT and the internet.
Clever, not Complex
This ensures no files or credentials are ever stored in your DMZ, while eliminating inbound holes in the firewall. And as a part of a complete and secure managed file transfer software solution, our Edge Gateway minimizes costs and complexity and cleverly avoids the kinds of pitfalls that have led to the kinds of data breaches we’ve read so much about recently.