Preface
Informatica Managed File Transfer Welcome Overview
- Managed File Transfer General Features
  - Workflow Automation
  - Ad-Hoc File Transfers and Collaboration
- Getting Started
  - Screen Tips
  - Login
Dashboard
Resources
Workflows
Task Reference
Services Overview
Users
Logs and Reports
Encryption
System
Appendix
Glossary Terms
- AES
- Asymmetric
- Asymmetric Cryptology
- Authentication
- Certificate
- Certificate Authority
- CIDR
- Cipher
- Cryptology
- CSV
- Decryption
- Diffie-Hellman/DSS
- Digital Signature
- DSA
- Element
- Encryption
- Fingerprint
- FTP
- FTPS
- Hash Function
- HTTP
- HTTPS
- ICAP
- Icon
- ISO format
- JCE Service Provider
- JDBC drivers
- JKS
- Key
- Key Alias/Key ID
- Key Pair
- Key Store
- MDN
- MMS
- Non-Repudiation
- Passphrase
- PKCS12
- Private Key
- Project
- Public Key
- Public Key Cryptology
- Public Keyring
- RSA
- Run Priority
- SAML
- Secret Key
- Secret Keyring
- Self-Signed Certificate
- SFTP
- Signing
- SMS
- SMTP
- SSH
- SSL
- SSO
- Symmetric
- Symmetric Cryptology
- URL
- Variable
- Verification
- XML

User Guide

10.2.2
- 10.5.3
- 10.5.0
- 10.4.0
- 10.2.3
- 10.2.2 HotFix 1
- 10.2.1
- 10.2

Back Next

Choosing the Right Encryption Method

There are several factors to consider when choosing the encryption standards to implement. The flexibility in

Managed File Transfer

allows you to choose the encryption standard for each individual transfer. For instance, you may want to use a simple encryption standard (such as ZIP) when exchanging not-so-sensitive data with a customer, whereas choose a strong encryption standard (such as OpenPGP) when exchanging highly-sensitive data.

The following questions should be asked before choosing the encryption standard to use:

How sensitive is the data being exchanged?

How will the data be transported (for example, FTP, Email, HTTP)?

Are large files being exchanged (which should be compressed)?

Should the files be encrypted (before transmission) or should the connection be encrypted?

What encryption standards does your trading partner support?

A trading partner may dictate the encryption standards which they support. For instance, many banking institutions require that their customers encrypt files using the OpenPGP encryption standard.

Listed below are several sample scenarios and the recommended encryption standard to use.

Scenario 1

You need to send your price list file to your customers over email. You want to make it simple for the customers to open the file. The price list information is not extremely sensitive, but you would like to at least password-protect it.

Recommendation: ZIP with standard password protection or ZIP with AES encryption

Scenario 2

You need to send your payroll direct deposit information to the bank. This is considered as highly sensitive information. The bank wants you to send this information over a standard FTP connection.

Recommendation: OpenPGP

Scenario 3

Your trading partner wants to exchange information with you over a secure FTP connection. This trading partner wants to authenticate your company with a password or public key.

Recommendation: SFTP (SSH File Transfer Protocol)

Scenario 4

Your trading partner wants to exchange information with you over a secure FTP connection. This trading partner wants to authenticate your company with a signed certificate.

Recommendation: FTPS (FTP over SSL)

Scenario 5

You need to send purchase orders to your vendors, which you consider as fairly sensitive. The files can be rather large in size and should be compressed. The purchase orders could be sent over standard FTP connections or via Email.

Recommendation: ZIP (with AES encryption) or OpenPGP

Scenario 6

You need to send EDI information securely to a trading partner and you need confirmation that they received the exact document(s) you sent them.

Recommendation: AS2 (S/MIME over HTTP(S))

Scenario 7

You need to send sensitive information in the message body of an email.

Recommendation: Secure Email

Encryption

Download Guide

Watch

Comments

Communities