Digital Strategy Axway B2B Integration Axway Managed File Transfer

Can your vendor keep their promise for secure data transfer?

| Michael Koo |

File transfer solutions have been a prime target for attacks over the past few years. It makes sense that hackers have zeroed in on these technologies: of the 80% or more business interactions that are file-based, many house sensitive data like protected health information or social security numbers.

The spotlight on file transfer security risks spotlights solution vendors. Vendors are under pressure to deliver the infrastructure that customers need to support secure data transfer, as well as a team ready to help them succeed.

So, what should you demand from vendors? We dove into this topic in a recent webinar and I’m excited to share some of the key sentiments here.

Does your solution provider continuously provide education?

Misconfigurations are known to be a significant source of breaches. According to one report, identity and credential misconfigurations cause 80% of exposures. One-third of those exposures put critical assets at risk for a data breach.

While shipping solutions securely by design, vendors should keep customers informed on how to build a fortress around their MFT and B2B/EDI ecosystem.

Take the adoption of Zero Trust tenants, for instance. No one solution exists to deliver Zero Trust security, but a strategic, trusted vendor can help companies on this journey.

As vendors identify the best action plan for Zero Trust, they can offer technical support to customers, helping reduce the learning curve for IT and operations teams.

Zero Trust is one emerging tech term to know—explore others here.

While support can come through conversations, access to self-service options is also valuable. At Axway, we’ve created Axway University—a hub for on-demand eLearning courses that helps train customers to use our solutions to support a secure, reliable infrastructure.

Do they support you in navigating evolving standards?

Businesses need to update their Transport Layer Security (TLS) certificates every year or two. Google has even proposed that TLS certificates expire every 90 days to make organizations less vulnerable to breaches.

See also: what’s at stake with an MFT data breach and how to reduce risk.

At Axway, customers manage as many as 23,000 trading partners daily. In that context, keeping certificates up-to-date can be a major challenge.

Ideally, your MFT and B2B/EDI vendor will offer solutions that make your security more manageable. Axway, for instance, is one of just a few vendors certified for automated certificate management capabilities.

At the same time, even more stringent requirements are emerging. Energy vendors in Germany, for instance, are being pressured into using elliptic curve cryptography, which is expected to become standard across more and more industries.

Businesses need to be aware of these requirements coming down the pipeline from trading partners, so they are in a position to handle these requirements to continue securely transferring data.

Do they provide always-on, consistent support?

When customers reach out for support from a solutions provider, they’re often in the midst of a stressful situation. An organization may update its security firewall only to find that the update has inadvertently blocked outbound SFTP traffic, causing critical file transfers to be delayed.

Or perhaps a TLS certificate has expired, disrupting file transfer and, if connections aren’t properly encrypted, causing potential exposure to man-in-the-middle attacks.

Whatever the scenario may be, customers must be able to get the answers they need to get back up and running fast.

A vendor’s support team should be easy to connect with 24/7, with the same contact methods used no matter what time of day you’re reaching out or the nature of the issue.

From that initial touchpoint, it’s about creating a customer-first experience:

 

 

Support teams should follow standardized processes and procedures, so customers know what to expect whenever they reach out.

While a vendor can design standards to cover 80% of support needs, they should also be flexible enough to effectively manage that remaining 20%.

When we’re talking about the cultural and regional differences of a global customer base, there must be room for adjustments to cater to their needs.

See also: How support can make or break your secure data transfer.

At Axway, we’ve invested in the talent and resources for our support side of the business. It’s one of many reasons we’ve been able to build relationships with customers that are counted not in months but in years and decades.


Learn more about what to expect from vendors to build an unbreachable fortress for your data ecosystem in the full webinar

Key Takeaways

  • A trusted MFT or B2B/EDI vendor should continuously educate customers on security best practices to help prevent breaches caused by misconfigurations.
  • With evolving security standards and new cryptographic requirements, vendors must provide automated, scalable solutions to simplify compliance.
  • Reliable vendors offer always-on support that truly understands your business, seeking to prevent problems by building trust over the course of years-long partnership.