File transfer solutions have been around for decades, but the conversation around their security is changing. In the words of Axway’s MFT Product Line Senior Director Paul Lavery,
“MFT teams are in a once-in-generation data breach crisis.”
In May of 2023, Amazon suffered a significant data breach due to a vulnerability in its MFT service. Months later, the company confirmed that employee data was stolen in the breach and leaked by a third-party provider.
The Amazon file transfer breach is hardly the only cautionary tale: thousands of organizations have been breached in the last 18 months through a similar “MFT attack vector.”
As web-facing enterprise software becomes a bigger target for hackers, even the most prominent players aren’t immune to MFT breaches—and the ripple effects from these breaches can be felt well into the future.
Knowing that attacks like these will continue to happen, organizations need to invest resources and budget into their MFT security so they’re ready to face the reality of the issue.
What’s at stake with an MFT data breach
Data integration is all about the edge of your environment, where the boundaries between systems, devices, and interactions blur. It’s a bridge for opportunities, but the edge is also where danger lurks—and those vulnerabilities can come with a hefty price.
In 2024, the global average data breach cost reached $4.88 million. That’s a 10% increase from 2023, and the highest total to date. While organizations have to battle breach costs, there’s a clear monetary incentive for hackers to access sensitive data, as we shared in a recent webinar.
Heading into 2025, breach-related class-action costs will surpass regulatory fines by 50%, making MFT breaches all the more expensive.
Consider new regulations, like the NIS2 directive. Impacted EU organizations must be prepared to embrace these frameworks; if not, they’re looking at a cost of 7 million euros per violation.
Top priorities to keep your MFT operations secure
1. Diligently select a reputable MFT solution provider
Does a vendor’s compliance stance align with your industry’s regulations? While it may seem obvious, going through this checklist is a critical first step in the selection process. Think about this through the lens of how you will use and implement an MFT solution.
In a time when MFT is about implementing architectures and policies, you also want to make vendor expertise a priority. Ideally, you’ll have certified security engineers to discuss your needs and user groups you can contact for support.
Make sure to also ask questions about the vendor’s security program. Do they have red and blue teams to test and automate the software development lifecycle? The answers to these questions help verify the quality you’ll get in the end.
2. Adopt a Zero Trust-ready hybrid MFT architecture
Assuming that MFT data breaches will happen, it’s important to implement processes and policies that support “least privilege” access across your organization. New security models like Zero Trust are getting attention from the C-suite.
Much like a hotel key card, Zero Trust gives you access to what you need—your room and various amenities—during your stay, and then revokes these credentials at checkout.
With more organizations moving from fully on-premises MFT infrastructures to a hybrid setup, you’re encountering more of those “dangerous” edge endpoints. This makes it all the more critical to deploy a systematic architecture with links and data flows that leverage Zero Trust principles.
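The key-card model above, sketched as an added example (not Axway's code or any MFT product's API): a signed grant scoped to one partner, one folder and named operations, valid for a fixed window and revocable at "checkout". The function names, the `/inbound/acme` folder and the demo key are all constructed for illustration.

```python
import hashlib
import hmac
import json
import posixpath
import time

SECRET = b"constructed-demo-key"  # assumption: in practice a managed, rotated key
REVOKED = set()                   # ids of grants cancelled before they expire


def issue_grant(grant_id, partner, prefix, ops, ttl, now=None):
    """Sign a grant for one partner, one folder, named operations, fixed lifetime."""
    now = time.time() if now is None else now
    body = json.dumps({"id": grant_id, "partner": partner, "prefix": prefix,
                       "ops": sorted(ops), "exp": now + ttl}, sort_keys=True)
    tag = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + tag


def revoke(grant_id):
    """The "checkout" step: the grant stops working immediately."""
    REVOKED.add(grant_id)


def authorize(token, partner, op, path, now=None):
    """Re-check every request; return (allowed, reason)."""
    now = time.time() if now is None else now
    body, _, tag = token.rpartition(".")
    expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return False, "bad signature"
    grant = json.loads(body)
    if grant["id"] in REVOKED:
        return False, "revoked"
    if now >= grant["exp"]:
        return False, "expired"
    if partner != grant["partner"] or op not in grant["ops"]:
        return False, "out of scope"
    # Normalise first so "../" segments cannot step outside the granted folder.
    clean = posixpath.normpath("/" + path.lstrip("/"))
    root = grant["prefix"].rstrip("/") + "/"
    if not clean.startswith(root):
        return False, "path outside grant"
    return True, "ok"
```

The reason string returned with each denial is the kind of field worth sending to monitoring, since repeated "out of scope" or "path outside grant" results from one partner are an early signal.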
Explore five key steps to help you on the path to Zero Trust adoption for MFT.
3. Delegate MFT security where it makes sense
In fully on-prem environments, organizations became used to handling every aspect of MFT security on their own. Now, in today’s mixed environment, there are opportunities to partially or fully delegate security to an MFT solution provider with a service-level agreement model.
When opening up their operations to an MFT SaaS environment, organizations can take advantage of the vendor’s threat reports, encryption features, patching, and more.
This shared responsibility model helps ensure B2B file transfers stay secure and that SLAs are met through delegation.
4. Pair automation & enhanced monitoring for better UX
When there’s a potential MFT breach, the ability to act fast can’t be overstated. This starts with real-time alerts that flag a potential breach, followed by the ability to go into your MFT system and access the relevant information.
To this end, automation and enhanced monitoring need to work hand-in-hand to deliver the best user experience possible. Administrators can then identify and contain MFT issues in less time.
Prioritize MFT security for your organization
MFT security is a different game in 2025. Organizations need to prepare for the heightened possibility of a file transfer breach, as well as new compliance audits.
Now is the time to convince your leaders to mitigate the next vulnerability, communicate your needs, and put a budget toward protecting your operations from the aftermath of MFT attacks.