What Is
Managed File Transfer (MFT)?

The Complete MFT Guide

Have questions about managed file transfer?
Get answers, not a sales pitch.

Defining Managed File Transfer

Managed File Transfer (MFT) is a technology that secures and simplifies the process of exchanging files internally or externally to an organization. MFT provides centralized control for IT teams to create, configure, manage and monitor file transfer connections between people, applications, businesses and systems. MFT usually replaces legacy file transfer solutions that require complex coding for automation and lack visibility of file transfers.

Unmanaged File Transfer Solutions

  • Manage scripts created for file transfers
  • Dig through log files to troubleshoot issues
  • Maintain many disparate file transfer solutions

Diagram of how messy and unsecure unmanaged file transfer can be amongst internal/external sources, systems, applications, cloud and databases when relying on email, FTP and shared storage

Managed File Transfer Solutions

  • Configure and manage file transfer workflows online
  • Have detailed reporting and real-time alerts
  • Operate a single MFT solution for their organization

Diagram of how efficient, safe and compliant file transfer is when using a managed file transfer solution between internal/external sources, systems, applications, cloud and databases

Managed File Transfer Background

MFT originated from the requirement to control and govern data. The basic client-server model has been used to transfer files for decades. It started in the 1970s with File Transfer Protocol (FTP). FTP does not encrypt data on its own, so it cannot secure file transfers. In the late ‘90s, the SSL and SSH protocols became available to authenticate clients to servers and create encrypted sessions.

To meet business requirements, IT departments wrote scripts to automate file transfers on a private network or over the public internet. Eventually evolving into complex, inflexible pieces of code, these scripts are prone to errors that are difficult to diagnose and remedy. They are also extremely challenging to maintain because nothing has been documented and the original authors have moved on.

As these systems fail more frequently, the more they disrupt business processes. Since alerts are rarely built in, failures are not detected until someone complains. As regulations increase, these systems are no longer “fit for purpose” because they were created without consideration for data governance.

Today, many organizations are riddled with disparate client-server integrations that IT teams have little or no knowledge of. IT teams are often overwhelmed with maintaining known integrations while facing pressure from their compliance departments around data governance failings.

Managed file transfer is the solution to these file sharing challenges.

How Does MFT Work?

Here is a high-level overview of how managed file transfer fits into the file transfer process.

numeral 1

MFT Deployment

The MFT solution can be deployed on-premises or in the cloud depending on your organization’s security guidelines, scope of project or overall data strategy.

Image showing deploying in the cloud or internally

numeral 2

File Transfer Configuration

Configure and schedule file transfers by connecting source and target endpoints in a graphical user interface (GUI). MFT is protocol-agnostic and acts as a client or server sitting between the source and target endpoints.

Image showing person using GUI in a monitor to transfer files

numeral 3

File Transfer Automation

After setup is complete, files are transferred either on a schedule or an event based on the configuration.

Image showing files are transferred by using MFT

numeral 4

File Transfer Reporting

File transfer status is broadcast to IT in dashboards and through automatic alerts.

Image showing managed file transfer sends alerts and has monitoring GUI

How Is MFT Used?

Diagram showing how managed file transfer MFT is used for both internal and external file transfers

Most managed file transfer use cases fall into one of these categories:

Internal Automated File Transfer »

Transfers between systems within your company’s local area network (LAN).

External Automated File Transfer »

Transfers between your company and your trading partners.

File Sharing »

Internal or external ad-hoc file sharing.

High Speed File Transfer »

Speeding up large file transfers over long distances.

Benefits of Managed File Transfer

Protect confidential information.

The number of data breaches in the U.S. increased by over 50% from 2010 to 2020. By encrypting files in transit and at rest, managed file transfer solutions keep data secure. Managed file transfer solutions help organizations remain compliant with government and industry regulations, including GDPR, PCI DSS and HIPAA.

Reduce IT overhead.

Legacy in-house file transfer solutions are built by highly skilled programmers on common scripting languages such as Bash, Shell, VBScript and Windows PowerShell. These scripts are executed on a time schedule using tools like Windows Scheduler or a Linux “cron job” command transferring files to and from FTP clients and servers. This process is time consuming to manage and unreliable for business-critical file transfers.

With MFT, an IT team can use a no-code graphical user interface (GUI) to automatically transfer files. It significantly reduces the time taken to create and automate file transfers between endpoints.

Add reliability to business processes.

Organizations that do not use managed file transfer may suffer from downtime due to servers that lack redundancy. They may also have issues with undocumented scripts that automate file transfers.

Reliable data flow is crucial for a company’s success. When file transfers fail or are incomplete:

  • Business processes fail.
  • Lack of data restricts ability to make informed decisions.
  • Costs go up—for repair and for breaking service-level agreements (SLAs).

Managed File Transfer and Security

Illustration of defense-in-depth (DiD) security layers that includes data, application and cloud infrastructure security

Data must be secured against cybersecurity attacks: 86% of companies surveyed expect to be attacked and breached in the next 12 months.1 To prevent data breaches, a managed file transfer solution must have a defense-in-depth model. This approach to security protects files, prevents unauthorized users from accessing them and keeps attackers from entering the network.

Fundamental Security Features of a Managed File Transfer Solution

  • Role-based access control: Ensures access only to authorized users.
  • Multi-factor authentication: Users must provide two or more pieces of evidence to gain access.
  • Encryption of files in transit: Files moving from source to target are encrypted (e.g., HTTPS, SSL and TLS).
  • Encryption at rest: Files stored are encrypted using the Advanced Encryption Standard (AES).
  • File-level encryption with Pretty Good Privacy (PGP): Provides an extra level of protection of files in the event they get into the wrong hands
  • Secure user creation: Authenticate and validate users against existing user repositories such as LDAP and Active Directory.

File Transfer Protocols Guide

Managed file transfer applications should be protocol agnostic, meaning a business can exchange a variety of files, internally or externally, regardless of transfer protocol, file type or size. The most common file transfer protocols are FTP, FTP over SSL/TLS (FTPS), SSH File Transfer Protocol or Secure File Transfer Protocol (SFTP) and Hypertext Transfer Protocol Secure (HTTPS).

Pros and Cons of Most Common File Transfer Protocols

Protocol Type Port Encryption Use Case Pros Cons
FTP TCP No encryption Sending/pushing from FTP client installed on computer or receiving/pulling files from FTP server to FTP client. None Not secure and not recommended. Unencrypted and not designed for today’s more advanced security standards or compliance requirements.
FTPS TCP 21/990 Transport Layer Security (TLS) to secure channel. TLS uses certificates to check that user is connected to correct server. Sending files from FTPS client installed on computer or receiving/pulling files from FTPS server to FTPS client. FTP connections are established from client to server via Explicit or Implicit control channels. Explicit FTPS control connections take place on TCP port 21. Implicit FTPS control connections take place on TCP port 990. Requires authentication using public and private keys, part of the public key infrastructure (PKI).
SFTP TCP 22 Secure Shell (SSH) provides secure data stream and encrypts authentication credentials and actual files being transferred. SSH prevents hackers from intercepting files in transit. Sending files from SFTP client installed on computer or receiving/pulling files from SFTP server to SFTP client. Probably most common protocol for automated file transfer but does require some administration. IT team has to manage public/private keys for all SFTP clients. More difficult to set up SFTP client and manage keys. Slightly slower than FTPS since SFTP uses same channel for control and data.
HTTP TCP 80 No encryption Sending files from web server. None Not secure and not recommended.
HTTPS TCP 443 Encryption Sending files from web server. Firewall friendly. Port 443 is normally open for outbound connections so can be easier to manage as no client software is required. Authentication does not require certificates.
AS2 TCP 80 or 443 With TLS Typically only needed for electronic data interchange (EDI), a specific use case sometimes referred to as B2B communication. Can handle almost any file type. Value-added network (VAN) unnecessary since AS2 relies on HTTP/S. Only supports uploads. Does not support custom commands. Not commonly supported by servers.
PeSIT TCP 6330 Must be used with TLS for encryption. For EDI, specifically by European banks. Designed with focus on control and security. Less commonly used. Removed from public view around 1995.
SCP TCP 22 With SSH Rarely used in MFT applications. Commonly found on Unix systems. Only useful when single command-line command must be used and cannot use single-command SFTP script. Secure and reliable. Provides encryption in transit, strong authentication and transfer resume. No native Windows client or server. Not commonly supported by servers.
OFTP TCP 3305 for OFTP, 6619 for TLS With TLS For EDI. Used mainly in European automotive, engineering and transportation industries. OFTP2 provides additional security with file encryption and strong authentication through X.509 certificates. High cost of OFTP2 servers require small / medium-sized companies to use EDI service providers.

Why Use MFT instead of FTP and SFTP Servers?

Many companies use FTP/SFTP/FTPS client-server configurations to transfer files internally and externally. This introduces three main challenges that managed file transfer addresses:

  1. Automation requires coding, which is time-consuming to set up and manage. It also requires skilled programmers, which is expensive.
  2. Security can be compromised, as these configurations can be deployed in many instances across the organization without any central control over visibility and user access.
  3. Reliability is an issue, as the solution coded is rarely documented or continually updated to keep up with the demands of the business.

By switching to a managed file transfer solution, organizations can continue using SFTP/FTPS protocols and connecting to partners’ existing servers or clients’ endpoints, all managed in a centralized MFT system.

Comparison of FTP Servers, SFTP Servers and Cloud MFT for File Transfer

  FTP Servers SFTP Servers Cloud MFT
Security Level Low
File transfers are unencrypted and easily readable by a cybercriminal.
Medium
File transfers are encrypted, but multi-factor authentication and other security measures may not be supported.
High
File transfers are encrypted and other security measures are included (multi-factor authentication, role-based access controls, etc.)
IT Time Commitment High
IT teams individually code connections with partners, systems, users and cloud applications.
High
IT teams individually code connections with partners, systems, users and cloud applications.
Low
Non-technical or IT teams configure and manage workflows online.
Scaling Difficulty High
IT teams manually set up and maintain new servers.
High
IT teams manually set up and maintain new servers.
Low
The managed file transfer solution scales automatically.
Visibility Level Low
No reports on user action and no alerts if file transfers fail.
Low
No reports on user action and no alerts if file transfers fail.
High
Detailed reports and automatic alerts.
System Maintenance Responsibility of organization’s IT department. Responsibility of organization’s IT department. Cloud MFT: Managed infrastructure.
On-premises MFT: Responsibility of organization’s IT department.

Managed File Transfer Deployment

Definition of Cloud, On-Premises and Hybrid Managed File Transfer

Cloud MFT is deployed in the cloud and offered as a managed file transfer as a service (MFTaaS) solution. MFTaaS is hosted and managed by a third-party provider—either in its cloud or the customer’s private cloud.

On-premises MFT is typically deployed in a company’s DMZ and inside its LAN. Companies deploy in the DMZ for file exchanges with external parties so they do not access internal, secure servers. The MFT system installed on the network makes an outbound connection to the DMZ instance to collect files delivered by partners or place files for partners to collect. On-premises MFT is managed by the organization’s IT team.

Hybrid MFT is a deployment model where central file transfer control is orchestrated from the cloud and on-premises MFT agents are used for internal network transfers. This model allows organizations to take advantage of benefits of cloud MFT while still keeping internal file transfers away from the public internet.

Comparison of Cloud, On-Premises and Hybrid Managed File Transfer

  Cloud and Hybrid MFT On-Premises MFT
Total Cost of Ownership*
  • Lower capital, or one-time, expense for deployment
  • Predictable usage-based operational costs
  • Lower maintenance and management costs
  • Higher capital, or one-time, expense for deployment and hardware
  • Lower periodic operating expense
  • Higher maintenance and management costs
Security Managed by the vendor: They put measures in place to protect the cloud infrastructure, application and data. Managed by your IT team: They take steps to protect the servers and internal network.
IT Involvement Lower because the vendor handles deployment. Your IT team is trained to use the software. Higher because your IT team sets up servers and adds new ones when demand rises.
Time to Value Fast because the vendor only takes a couple days to give you an instance within their cloud. Once deployed, your IT team quickly configures and manages workflows. Slow because your IT team needs to design the solution, determine how it fits into the current infrastructure and set up rules.2

* Note: The total cost of ownership depends on the current cost of on-premises and cloud MFT solutions, how long you keep the managed file transfer solution and other factors.

The bottom line: If you have more resources available, you can make on-premises MFT work, but it is difficult to scale and maintain. If you want to spend less time on MFT, cloud or hybrid MFT is a better choice.

Managed File Transfer Integrations

Integrating your managed file transfer solution with other applications reduces the likelihood of errors and streamlines business processes. An MFT solution can integrate with any application with an application programming interface (API). MFT solutions can also integrate with integration platforms as a service (iPaaS), which companies use to build workflows that connect applications, data and services.

MFT Needs iPaaS

MFT alone cannot

  • Be used to create no-code workflows that connect applications and services nor
  • Handle large volumes of small messages.

iPaaS Needs MFT

iPaaS alone cannot

  • Store files until delivery nor
  • Handle large file transfers nor
  • Alert administrators when file transfers fail.

Diagram of MFT integrated with an iPaaS to manage file transfers between external networks and the enterprise. iPaaS performs data processing and MFT picks up and delivers files.

Managed File Transfer Fundamental Features

MFT feature requirements vary based on the use case, but here are five fundamentals:

1. Automation

Illustration showing concept of files being moved to servers by an automated arm

Workflows are configurable to automatically transfer files. Once workflows are set up and partners are added, IT involvement is only necessary for new partner onboarding or if an error occurs. By automating what is currently done manually, the IT team can focus on other projects and improve file transfers for everyone.

2. Guaranteed Delivery

Illustration of retrying to deliver files to server until successful

Instead of IT digging through code to discover when and why files were never delivered, the MFT solution

  • Stores files until delivery.
  • Automatically detects and retries failed file transfers.
  • Resumes incomplete file transfers.

3. Reporting

Illustration of monitor with user interface that receives alerts when there is an issue

User actions are recorded and administrators are automatically alerted if something goes wrong. Without dashboards and alerts, even the “smartest” MFT solution is unhelpful and frustrating for administrators. They may discover problems too late or spend hours combing through code.

 

4. Encryption & Antivirus Scanning

Illustration of PGP encryption represented as a shield and a surveillance camera to represent scanning for viruses

All files are encrypted from end to end so they are unreadable if an attacker intercepts them. Files are scanned frequently and quarantined if virus is detected.

Keeping files secure helps with compliance to government and industry regulations, keeps customer data protected and protects confidential employee information.

5. High Availability & Disaster Recovery

Illustration of data centers being located around the globe

Managed file transfer is dependable—if one component fails, another component takes over. For example, an MFT vendor uses multiple data centers and servers in case something happens to one of them.

Choosing an MFT solution with high availability reduces SLA penalties and liabilities. Additionally, the organization and its partners receive up-to-date information to make informed decisions.

 

Free vs. Paid Managed File Transfer

  Free File Sharing Solutions Paid MFT
Security May not have two-factor authentication, dashboards or other security measures Includes security measures necessary to comply with government and industry requirements
File Transfer Size File transfer size limits (2-30 GB) No file transfer size limits
Storage Limited permanent storage (2-50 GB) Unlimited storage
Cost of Use Technically free, but costs of doing it yourself (installation, maintenance and support) should be considered Monthly cost covers disaster recovery, high availability, scaling and maintenance
Integrations No or limited connectors for other applications Connectors for iPaaS and other applications

Top Questions for Managed File Transfer Vendors

What is the pricing model?

It is important to understand pricing from the beginning so you know whether the MFT solution works with your budget. Asking for pricing early avoids wasting time for you and the vendor.

Is there a minimum contract length? How long is it?

Once the pricing model and minimum contract length is known, the estimated return on investment (ROI) can be calculated.

Does the MFT solution include any out-of-the-box integrations?

If your file transfer solution needs to integrate with certain applications or an integration platform as a service (iPaaS), this is another question to ask early in the vendor vetting process.

Where does the MFT solution run?

If your organization recently introduced a new cloud or on-premises strategy, the new MFT solution needs to fit with it.

Where are the data centers located?

Compliance requirements may limit use of data centers to certain locations. Additionally, knowing distance between data centers and organization/trading partners helps determine whether latency issues may arise.

How long does deployment, training and migration typically take?

The vendor’s answer will help you know how soon you can use the MFT solution.

How many clicks does it take to create one file transfer workflow?

This is one of the most objective ways to measure ease of use.

How many clicks does it take to add a partner?

This will help you determine how long partner onboarding may take.

Do you have customers in our industry that we can contact?

Customer references are great for understanding the difficulties and benefits of implementing different MFT solutions.

Can we sign up for a free trial?

With a free trial, you can determine if the vendor’s claims are true and hear feedback from your IT team before making a purchase.

MFT Resources

MFT Features Datasheet

With reusable workflows and client/server functionality, Thru fits many different use cases for managed file transfer.

Learn more about Thru’s MFT offering »

MFT Buyer’s Guide

The Ultimate Buyer’s Guide highlights the essential MFT functionality and capabilities to consider in evaluating options to modernize your MFT architecture.

Determine the best MFT solution for your organization »

MFT & iPaaS White Paper

Read more about how MFT technology built on a modern cloud platform with extensive APIs can be part of existing iPaaS strategies.

Discover how MFT and iPaaS combine for a seamless solution »

Sources

1 Millman, Rene (2021, August). 86% of organizations expect a cyber attack in the next 12 months. IT Pro.
2 On premise vs hosted Managed File Transfer. Prot2col Limited.

Have questions about managed file transfer?
Get answers, not a sales pitch.

Our focus has always been enterprise-level managed file transfer. Submit your MFT question(s) and we’ll be in touch with answers.

 
 

Scroll to Top