Ipswitch offers businesses grappling with the thorny issue of how to securely transfer large files with an easy-to-use secure email platform, MOVEit Cloud. Employees can share files securely amongst themselves as well as with authorized individuals outside the organization.
Think about it: when your employees need to share files with colleagues, contractors, partners, and customers, what do they do? Odds are they are either just emailing the files to each other or using consumer-focused cloud services such as Dropbox and Box.net. This means that you, as IT, have a difficult time tracking who has access to which file, where these files are winding up, and whether sensitive information is protected. For companies in regulated industries, this becomes a bigger headache because IT has no control over how data is shared within and outside the organization, nor does it know if the information is encrypted before leaving the network.
MOVEit Cloud from Ipswitch is a secure, cloud-based file service that helps IT control how documents are passed around, without over-complicating the interface for the end-users. It is very similar to AppRiver’s CipherPost Pro but has better folder management.
From the end-user perspective, MOVEit Cloud is intuitive to use because the Web interface is just like a Webmail client, and there is an Outlook plugin, which means they don’t even have to leave the familiar interface. Users don’t have to install complicated tools or jump through a series of steps to properly encrypt the file before sending it; MOVEit Cloud automatically takes care of that.
IT teams will like MOVEit Cloud because it provides a detailed view on who transferred what files when, as well as define certain rules on what can be done with the documents, such as restricting forwarding and automatically deleting the files after they are read.
Ipwsitch offers two main modules in its MOVEit suite: Ad Hoc Transfer and File Transfer. File Transfer handles cases when files and data are shared between servers, systems, and applications, or when groups need to access a common shared folder. Ad Hoc Transfer, also available as a stand-alone module, refers to situations when an employee has to send files and messages to another individual or group.
These two modules are available in two deployment packages, MOVEit DMZ, which refers to the on-premise version, and MOVEit Cloud, the hosted version. This review focuses on MOVEit Cloud and the Ad Hoc Transfer module, in particular.
At a little over $23 a month, the platform is very affordable. However, MOVEit Cloud is not intended for the smallest business, as there is a minimum 25-user investment, which comes out to $3,600 a year, or just $12 per user per month. Final pricing depends on the actual number of users, and it can go as low as $5 per user per month, according to Ipswitch.
To begin, Ipswitch created a MOVEit Cloud account and the accompanying environment, branding it with the PCMag logo. The fact that it can be customized to look like the company’s internal portal indicates this is the “official” platform, as opposed to a random service employees may be using.
I also received a username and password for accessing the support portal, which contains detailed manuals and reams of documentation. The password requirements for the support portal are pretty stringent as even a 12-character string with upper and lowercase letters, numbers, and symbols, was not considered strong enough. I finally managed to change to a password that was 21-characters long with a mix of upper and lower case letters and numbers.
The administrator has full control over the system, managing users who have access to the system, storage and bandwidth limitations, and deciding whether messages could ever be saved locally. The administrator can see all the files that have been ever uploaded, by whom, and who has sent that file or viewed it. I could generate in-depth reports based on this information.
When I logged in for the first time, I was prompted to download the upload/download wizard, which requires Java to run. The tool speeds up getting the files up for transfer, handles multiple file transfers, performs automatic integrity checking, and handles files larger than 2GB in size—Next: MOVEit Cloud Administrator, User Interfaces
As an administrator, I could create new users. I was disappointed that there was no way to automatically send an email to the new user with the password information and the link to login. This was an extra step I would have to. I could also link the platform with existing user directories, including LDAP and Active Directory. Permissions and privileges can be assigned to individual users or to groups.
I particularly liked the auto-provisioning aspect. If the recipient is not in the system as an existing MOVEit Cloud user, I could still send messages. I just entered the email address in the sender field, just as if I was sending an email. The system automatically sent the recipient an email explaining they will be getting an email soon with a link to where the file is, and included the password in the email. When the actual mail notification arrived a few minutes later, I was able to use the password from the first email to log in and view the securely transferred file.
This way, users can use Outlook or the Web browser to send files to anyone in the world so long as the recipient has an email-address.
However, it was a little frustrating that I couldn’t look in the logs to figure out who these guest recipients were. I could track down individual email messages and determine who those recipients were, and could see in the logs that files had been sent as attachments, but there was no simple way to see all the external users who had received files. In contrast, it’s very easy to see how many messages each user in the system received messages, sent as attachments, or transferred files.
Every single time I received an email in the secure system, I received a notification email in my normal Inbox with the subject line, recipient name, and the link back to the secure platform.
Senders can proactively apply email encryption, attachment offloading, secure messaging, access control and authentication, data loss prevention, and content management policies. I could say that recipients couldn’t reply all, for example.
MOVEit Packages vs Attachments
MOVEit Clouds send data as either packages or attachments. Attachments are files I attach to emails and send off. They aren’t uploaded to the system. While I can forward attachments to multiple users, there is less management controls available on those files. It was far better to take the time to upload the file into the system, and then send it using the system. The folder management is pretty thorough, as I could assign users to specific folders and create nested folders to organize the data.
Packages are the actual email with that file sent to that user at that time. I can view each package, with the timestamp of when the contents were sent for audit and tracking purposes.
MOVEit delivers SSL encrypted HTTPS, FTPS/TLS, AS2, AS3 transfer methods, and all data uploaded to MOVEit is carefully protected using the built-in, FIPS 140-2 validated, AES-256 storage encryption. For organizations that have to comply with specific compliance regulations, such as those in retail, healthcare, and financial services, the fact that data is transferred in a secured tunnel and protected is critical.
Administrators can create rules to track file transfer processes, log failed jobs, and detect new files as they are uploaded. They can also create rules on when files and folders are expired and no longer accessible. Users can also be assigned quotas for number of files they can share, or amount of files they can upload to the platform. If the administrator thinks some IP addresses, or users, are abusing the system, then they can be blacklisted.
Cloud vs DMZ
For the end-users, MOVEit DMZ and MOVEit Cloud offers essentially the same experience. Users access the browser interface using Internet Explorer, Firefox, Chrome, or Safari. The on-premise version, MOVEit DMZ, doesn’t have onerous hardware requirements, as all it really needs is a server with at least 2GB of memory, 40 GB of storage space, and Pentium-class processors. The platform needs Windows Server 2008 R2 along with either a Microsoft SQL Server or MySQL database. Obviously, better microprocessors, more memory, and more storage will improve performance. Ipswitch also supports both Hyper-V and VMware ESX for companies who want to deploy the platform in a virtual environment.
The hosted version, MOVEit Cloud, avoids the hassle of sourcing a server or spinning up a virtual machine by leaving the whole deployment up to Ipswitch. IT already has a too-long list of things to do; a hosted platform means IT has one less task to deal with. The whole system is live within hours of signing up, and the system can expand as necessary while remaining flexible.
Send it Securely
MOVEit Cloud gives organizations control over how files are emailed in and out of the organization without over-complicating the process or adding an extra burden on users. The upload/download tool makes it easy to upload files, and you would have to do that level of effort for Dropbox, anyway.
Every message sent through the system is tracked and protected, which will give organizations a peace of mind, especially if they are under regulatory pressure to secure data. The administrator can easily track down who has done what with each file, and when.
It isn’t a full-fledged system, but rather a “gated community” of users who are authorized to send and receive sensitive data. Another benefit is that it exists parallel to existing email, so there is nothing to replace. Any organization dealing with sensitive data could use MOVEit Cloud. I rate it higher than CipherPost Pro because it has better file and folder management, but the two platforms are highly similar.
|OS Compatibility||Windows Vista, Windows XP, Linux, Mac OS, Windows 7, Windows 8|
Copyright © 2012 Ziff Davis, Inc