Solved

Confidential Third-Party File Transfer

Posted on 2006-11-08
7
199 Views
Last Modified: 2013-12-04
I work for a CPA firm. We have a need to transfer relatively large (100mb) files to and from our clients. Our clients include individuals and small companies that do not have access to IT support.

I have looked at yousendit.com, but my concern is that the e-mail notification could be intercepted, and there is no verification mechanism on the site.

My criteria for a product is something very easy to use, inexpensive, and secure.

Any ideas?
0
Comment
Question by:mdcollier
7 Comments
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 17899119
why not just zip the files and encrypt them?  Every free zip program i have ever used can encrypt the files that are zipped

http://www.winzip.com/

winzip is free for evaluation and cheaply priced for commercial use.  it is pretty much the industry standard program for zipping files

0
 

Author Comment

by:mdcollier
ID: 17901521
Perhaps I've presented an unanswerable question.

Thank you for your submission, mikeleebria. I had considered zipping the file with encryption, but I think that even this solution is too complex for some of our users.

Unfortunately, I seem to be chasing my tail on this one. The easier I make the user experience, the more complex (and expensive) the solution.

I've researched several third-party solutions, and they all seem to rely on e-mailing a link. The latest solution I've researched is sendthisfile.com, which claims to be HIPA compliant. Although the data is certainly secure during transmission, the weak link is still the e-mail with the link. If you've got the link, you have unfettered access to the data.

I'm afraid it may be the case that a solution does not exist that meets the criteria... (?)
0
 
LVL 25

Expert Comment

by:mikeleebrla
ID: 17901835
well anytime you increase security you increase user actions.

It's just like putting an extra deadbolt on a door and/or putting an alarm on your house.  If you 'impliment' either of those to make it harder for a criminal to enter your house, you will also make it harder for you to enter your house as well.
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 25

Expert Comment

by:mikeleebrla
ID: 17901848
also,  i'm not familar with sendthisfile.com, but i would think that if it is HIPPA compliant that it would be secure.  I couldn't imagine any solution where simply going to the link would give you access to the data without any user authentication.

0
 
LVL 26

Expert Comment

by:MidnightOne
ID: 17902087
mdcollier:

There's always the "burn to CD and mail" approach, preferably via a trackable courier, e.g. USPS with return receipt, UPS or FedEx.

HTH

MidnightOne
0
 

Author Comment

by:mdcollier
ID: 17902217
Well, I've been Googling like a madman, and finally found a solution;

www.sharefile.com

I swear this is not a bait-and-switch. If you are inclined, take a look. There is a flash demo on the site.

Thanks for all your help. This is the first time I've actually posted a question; previously, I've always been able to find an answer.

mdcollier
0
 
LVL 4

Accepted Solution

by:
LBACIS earned 250 total points
ID: 17914691
I would definitely PGP enrypt the files. PGP desktop is very easy to use. I have had plain jane users be able to use it.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now