According to the survey, over three-fourths (78 percent) of respondents are still using unencrypted protocols to transfer at least some of their files. Furthermore, less than half (44 percent) of those polled are deploying two-factor authentication when connecting to their file transfer server.
The survey for VanDyke Software was conducted by Amplitude Research and it involved polling 450 professionals who use or are involved in decisions about data protection and file transfer solutions at their organization.
The survey comes in the wake of a series of data breaches that have been reported through the course of 2019. The most significant of these was the issue affecting Capital One. As Digital Journal reported, the Capital One Financial Corporation indicated that personal information, likes names, addresses, phone numbers and credit scores of about 100 million of its customers was obtained by a hacker. The company released details on July 30, 2019.
The impact of data breaches is captured in an IBM-sponsored study, run by the Ponemon Institute, which queried 507 organizations across 16 geographies and 17 industries, the average cost of a single data breach was $3.92 million, and in the United States the average was $8.19 million per breach. Meanwhile, file transfers continue to be a critical, high-volume part of corporate operations.
The VanDyke Software has disocvered that nearly half (48 percent) of companies are transferring files at least multiple times per day and sometimes “continuously.” File servers today are likely to be running Windows and hosted in the cloud, and the transfers themselves are often unencrypted and not protected with two-factor authentication.
Furthermore, over three-fourths (78 percent) of companies are hosting their file transfer servers mostly or completely on Windows, compared to 36 percent for Linux / UNIX, and 25 percent for macOS. Plus, two-thirds (67 percent) of companies are hosting some or all of their file transfer servers in the cloud.
Such findings are important given that a pattern exists between compliance requirements and authentication. For those companies that do not have to comply with any standards or regulations, just 27 percent use two-factor authentication. If, however, a company does have compliance requirements, 47 percent use two-factor authentication.
