?
Solved

Confidential Third-Party File Transfer

Posted on 2006-11-08
7
Medium Priority
?
218 Views
Last Modified: 2013-12-04
I work for a CPA firm. We have a need to transfer relatively large (100mb) files to and from our clients. Our clients include individuals and small companies that do not have access to IT support.

I have looked at yousendit.com, but my concern is that the e-mail notification could be intercepted, and there is no verification mechanism on the site.

My criteria for a product is something very easy to use, inexpensive, and secure.

Any ideas?
0
Comment
Question by:mdcollier
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 17899119
why not just zip the files and encrypt them?  Every free zip program i have ever used can encrypt the files that are zipped

http://www.winzip.com/

winzip is free for evaluation and cheaply priced for commercial use.  it is pretty much the industry standard program for zipping files

0
 

Author Comment

by:mdcollier
ID: 17901521
Perhaps I've presented an unanswerable question.

Thank you for your submission, mikeleebria. I had considered zipping the file with encryption, but I think that even this solution is too complex for some of our users.

Unfortunately, I seem to be chasing my tail on this one. The easier I make the user experience, the more complex (and expensive) the solution.

I've researched several third-party solutions, and they all seem to rely on e-mailing a link. The latest solution I've researched is sendthisfile.com, which claims to be HIPA compliant. Although the data is certainly secure during transmission, the weak link is still the e-mail with the link. If you've got the link, you have unfettered access to the data.

I'm afraid it may be the case that a solution does not exist that meets the criteria... (?)
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 17901835
well anytime you increase security you increase user actions.

It's just like putting an extra deadbolt on a door and/or putting an alarm on your house.  If you 'impliment' either of those to make it harder for a criminal to enter your house, you will also make it harder for you to enter your house as well.
0
WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

 
LVL 25

Expert Comment

by:mikeleebrla
ID: 17901848
also,  i'm not familar with sendthisfile.com, but i would think that if it is HIPPA compliant that it would be secure.  I couldn't imagine any solution where simply going to the link would give you access to the data without any user authentication.

0
 
LVL 26

Expert Comment

by:MidnightOne
ID: 17902087
mdcollier:

There's always the "burn to CD and mail" approach, preferably via a trackable courier, e.g. USPS with return receipt, UPS or FedEx.

HTH

MidnightOne
0
 

Author Comment

by:mdcollier
ID: 17902217
Well, I've been Googling like a madman, and finally found a solution;

www.sharefile.com

I swear this is not a bait-and-switch. If you are inclined, take a look. There is a flash demo on the site.

Thanks for all your help. This is the first time I've actually posted a question; previously, I've always been able to find an answer.

mdcollier
0
 
LVL 4

Accepted Solution

by:
LBACIS earned 1000 total points
ID: 17914691
I would definitely PGP enrypt the files. PGP desktop is very easy to use. I have had plain jane users be able to use it.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses
Course of the Month7 days, 21 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question