In the middle of an already complicated computer world lies the age old requirement of being able to get files from one place to the next. It sounds simple on the surface, but with so many security and performance related issues popping up over the past few years, file transferring is more complex, and riskier than ever. Not only do you have to worry about making sure files get from here to there without picking up a virus, but you have to make sure that the only eyes that see them are those who were intended to. Now throw into the mix the fact that files today are significantly larger than ever before containing videos, pictures, presentations, and data.

The average user, especially the traveling user, argues that they are limited to what they can do, which is generally attaching files to an E-mail. This works, sometimes, but is starting to become obsolete with the massive amounts of spam & content filtering as well as file size limitations mandated by either the sending or receiving organization.

During the initial planning stages of Rock-Pond Connect, a tool developed by Rock-Pond Solutions to manage the deployment of report templates to its customers, several file transfer methods were looked at. The most significant goal of the project was to provide a way to quickly and safely transfer files while maintaining compliancy with the majority of organizations’ IT guidelines. This immediately threw out our good old friend FTP. FTP stands for File Transfer Protocol and is as old as network protocols get, dating back to 1971. It’s insecure, lacks encryption, as well as authentication. Most organizations’ networks don’t even let it in or out of the firewall, and it’s certainly not HIPAA compliant. SFTP was later released with a goal to build in greater security, encryption, and authentication. SFTP is in line with the popular “SSH (Secure Shell)” protocol which is the industry standard for accessing remote Unix-like operating systems. There’s also FTPS, which is an extension to the FTP protocol that adds support for Transport Layer Security (TLS) and Secure Sockets Layer (SSL). Don’t forget that you can always throw your files on a USB stick to accomplish the same task, but now there are new risks, like losing the stick itself! Luckily, there are applications (often times provided with the USB stick) that let you encrypt the data with a password in case of it being lost or stolen. The web is a popular file transfer method, also supporting TLS and SSL, but is mostly uni-directional, meaning the user is usually only pulling files to their system rather than sending them to another. Luckily, Rock-Pond’s requirement for Rock-Pond Connect was only uni-directional, from us to the client.

We ended up coming across a version control system called SubVersion, a quickly growing client / server version control system that efficiently synchronizes files between two or more systems while maintain history and backups. We compared it to our requirements, and it matched up perfectly. We weren’t in need of encryption as the files we are deploying are simply templates, not data. Even if we needed encryption, SubVersion can operate over the TLS / SSL HTTPS protocol.

One of the biggest selling points for us was the fact that our customers could get files from us using an “incremental” approach, meaning they only get what’s been changed since the last time they synchronized with us. This was important to maintain a small bandwidth footprint for ourselves as well as our customers. In addition, transfers take place quickly, and can repeat often.

As I work with home infusion providers around the country, one commonality that I come across is people’s desire to put files “somewhere else”, just in case. Not only that, people are often on a workstation and then traveling using a laptop. Often times a home infusion provider needs to be able to effectively get files back and forth with the company providing them reimbursement services, usually containing sensitive information.

SubVersion, though not a traditional file transfer protocol, has a place in each of these scenarios. For a backup solution, users can synchronize their files to a remote central repository for safe keeping with the ability to revert back to old revisions if need be. No more sudden panics because you accidently delete a file. For the traveling road warrior, you can synchronize your files to a central remote repository from your workstation and quickly pull them down on your laptop. When done with your laptop, synchronize your files and pull them down to your workstation. Two computers, same files. Lastly, to provide files to an outside organization, such as your home infusion reimbursement center, setup a remote repository and synchronize just the files that the reimbursement center should get. They can do the same allowing for a seamless sharing of files over a secure channel.

While there are many options, too many to talk about in this single blog post, SubVersion has met Rock-Pond’s needs well, both from an everyday internal use to a full customer file deployment solution. Look at your own file transfer needs and ask yourself these questions:

• Do you require encryption and fine grain authentication?
• Do you need to transfer files over the internet, and how often?
• What types of people do you need to share files with? How secure are their systems?

Establish file transfer policies and procedures and continue to audit them with today’s ever-changing technology developments. It’s easy to get your files from here to there safely and has never been so important.