In cloud computing, the shared responsibility model outlines the joint efforts of service providers and customers to ensure robust security. It's a digital pact where providers secure the infrastructure, including servers and networking, while customers protect their data. Providers handle the hardware deployment, software maintenance, and compliance, while customers manage data security through access controls and encryption.
This collaborative approach creates a secure cloud environment, with providers and customers sharing the responsibility for different protection facets. Understanding this model is crucial for businesses transitioning to the cloud, enabling informed decisions and best practices to fortify their digital presence against cyber threats.
Similarly, analyzing this shared responsibility model as a foundational concept that defines the collaborative security efforts between a service provider and its customers is very relevant for today’s MFT practitioners in their discussion with the business…and the security teams.
Axway MFT customers often explain to us how they are considering changing how they have been operating for years to secure the file transfers of their core business.
The same burning questions keep being asked: Should I continue to use my current MFT solution on-prem? Am I jeopardizing my business for security reasons if I still operate my MFT myself? What are my obligations regarding MFT operations, and how can I comply with my Security team's new requirements?
If you are an Axway MFT customer (or not), here are the top 4 MFT security imperatives you should consider for your most critical file transfers.
At Axway, we have been serving the largest organizations in the world for years by running their MFT operations in a secure cloud environment we manage for them. With this knowledge and field experience in mind, we also recognize each business is different, and change management is challenging.
To help you clarify what shared responsibility means, here are the main security topics you must consider when assessing your risk exposure and how ready you are to ensure robust security for your MFT now and in the future.
Use the last version, always.
Be diligent about version control in production. Customers are entrusted with securing their software version updates as one of the most important security measures.
For each release of the software in use, an update introduces new features, enhancements, and defect fixes and can also introduce compliance-mandated changes, such as adding or removing support for an operating system, new security rules, or new software prerequisites concerning vulnerabilities.
An update is built upon the latest release and is cumulative. it contains all previous features and fixes delivered as patches or updates on the release. For the same product release, customers do not have to apply each update and can choose to pause, but it is recommended to apply updates at least every 12 months when applicable.
In addition, as clearly stated in Axway Product Lifecycle documentation, a patch is a correction that fixes a blocking/service-down issue with no workaround or when facing a security vulnerability if it is proven that waiting for the next update to correct the issue is impossible. You must systematically evaluate the releases and updates used in production, which requires a formal process.
Implement Incident Management
You may not want to compare your current MFT operations and resources to what we do as a Tier 1 MFT provider. However, there’s still an opportunity to implement in your MFT practice, at least in part, the best principles we apply for delivering our service globally.
Axway has implemented formal privacy and security incident response processes globally, which include policies, procedures, and a privacy and security incident response team (PSIRT). System, network, and application logs for Axway infrastructure are maintained for access, activity, and security reviews to verify system health and appropriateness of access and activity in the Axway environment.
Axway uses log and event monitoring tools to review and manage service performance, availability, and security events. Alerting and notification capabilities are implemented systematically, with staff being notified 24x7 of events and available on-call to respond to operational issues.
Encryption and Role-based access
Are you familiar with RBAC? Even if MFT does not typically require storing any data-in-transit locally, there’s still a need for very strict data access. Access to information systems is granted using role-based access control (RBAC) on the principle of least privilege and only if there is a business justification under Axway policies and the workforce member’s assigned role.
Axway uses formally documented procedures to request, approve, create, change, and terminate user accounts. In no case may users authorize system access for themselves.
In addition, the customer has the flexibility in the Axway applications to configure and manage encryption keys. When the service is provided, Axway cloud services use different formal specifications for Axway-managed encryption keys.
Axway is responsible for generating and managing encryption keys for the infrastructure and data-at-rest with Advanced Encryption Standard (AES) in Galois Counter Mode (GCM) with 256-bit keys (AES-256). Permissions to create and manage keys are restricted to authorized Axway personnel, enforced with Identity Access Management solutions (IAM), role-based permissions, and multi-factor authentication.
Each customer encryption key has a key policy that controls permissions for the key. Customer encryption keys can be rotated annually, and the storage encryption keys are unique for each customer.
Business continuity and disaster response
Do you have a formal process for backups and disaster recovery? Axway maintains a formal business continuity plan (BCP), which is regularly tested. The BCP is a guide for management and technical staff related to Axway’s business continuity management strategy and disaster recovery programs in the event of an unanticipated interruption of normal operations.
The objective of the BCP is to define direction and approach to minimize the impact on Axway’s business and customers. The BCP outlines the process for activating the BCP, notifying key personnel, and steps to recover mission-critical services and network facility infrastructure.
In the unlikely event of an outage of the defined cloud hosting services partner region, the recovery of the customer’s Axway Managed Service is performed through the disaster recovery plan. For this plan to be executed when required, Axway and its hosting partner perform all backup and restore actions for the customer environment.
A backup plan is developed during the initial setup. Included are the following backup and restore features:
-
Encryption of data.
-
Production and non-production environments are backed up daily.
-
Daily/Weekly/Monthly backups of production and non-production environments are maintained from seven days to three months.
Also, backup and restore procedures must be tested regularly, typically every year.
Making MFT more secure daily fosters a cooperative security ecosystem between Axway, its MFT practitioners, and the customer's business lines. As businesses transition to a different operational model thanks to the cloud, understanding a shared responsibility model empowers MFT teams to make informed decisions, implement the most critical best practices, and fortify their file transfer processes.
The benefit is for all parties to collaboratively navigate the intricacies of this complex security environment, ensuring a resilient and secure MFT practice for all. With great MFT power comes great responsibilities.
3 steps to take now to future-proof your managed file transfer operations
About the Author
More Content by Emmanuel Vergé