Having wrote about data breach prevention back in March 2009, (Top 10 Security Breaches Related to File Transfer in Recent Months) it has now been almost 5 years since I last looked into the connection between file transfers and data leaks. Despite the time lapse it is still a relevant topic for today’s enterprise in 2014.

I recently found this great website containing a online database of data breach incidents. The database goes as far back as 2004 and contains over 7000 incidents, capturing the tendencies over a long period of time with a large data sample. This time I’m not looking into specific incidents but rather focusing on the overall statistics. See below for a pie chart of the incidents by type.
(Source: https://datalossdb.org/statistics)

(Source: https://datalossdb.org/statistics)

From file transfer perspective, let’s focus on the incidents that were related to lack of a proper managed file transfer solution. These include the following breach types:


Leak Type


Percentage of total


Email communication exposed to unintended third party


Lost Drive

Lost data drive, unspecified if IDE, SCSI, thumb drive, etc


Lost Media

Media (i.e. disks) reported to have been lost by a third party


Lost Tape

Lost backup tapes


Missing Drive

Missing drive, unknown or disputed whether lost or stolen

less than 1%

Missing Media

Missing media, unknown or disputed whether lost or stolen

less than 1%

Snail Mail

Personal information in “snail mail” exposed to unintended


Stolen Drive

Stolen data drive, unspecified if IDE, SCSI, thumb drive, etc


Stolen Media

Media (disks or other) generally reported or known to have been stolen by a third party


Stolen Tape

Stolen backup tapes



Data typically available to the general public via search engines, public pages, etc.




When we sum up all these breach types, activities related to file transfer are responsible for almost a quarter (25%) of all data leak incidents. The only other higher group is Hacking at 28%.

To prevent hacking, the solution is usually fairly simple and very well know to the IT staff and it’s to invest in an enterprise grade firewall. On the flip side, the solution to prevent data leaks related to file transfer activities is not always obvious. IT departments often overlook the file transfer needs in their organizations and don’t consider implementing MFT solution.

The following facts further illustrate this disconnect:

Gartner’s market size valuations seems to suggest that IT departments are throwing 10 times more money into their firewalls then into an MFT solution. However, the data compiled from datalossdb.org seems to suggest that the threat on data leaks is comparable between Hacking and file transfer activities, suggesting a disconnect.

Question: Why is the Firewall market 10 times bigger than MFT market while the impact on data leaks is comparable?

In conclusion, I’m suggesting that in 2014 organizations should take the MFT challenge! Dedicate more resources and time to implement a proper enterprise wide MFT solution because file transfers are almost equal in data leak risks just as a broken firewall. FileCatalyst managed and accelerated file transfer solutions help IT departments to reduce or completely eliminate the risks of data leaks related to the file transfer activities.

Proper managed file transfer (MFT) solutions are essential for employees to transfer information effectively and safely while protecting their organization’s most valuable asset: its information. While evaluating your next MFT solution, look for the following features:

  • Ease of use with a simple web interface
  • Tracking and security
  • Enforcement of corporate file transfer policies
  • User email notifications
  • Central management and reporting
  • User management via LDAP or Active Directory
  • Extreme file transfers with the ability to handle file sizes up-to 10GB or even greater and the ability to handle very large amount of files (million or more)
  • Ability to improve file transfer performance on poor or long haul networks