Most recent

Trust No One: How to Secure File Uploads from Customers

By Eitan Bremler
secure file upload

For a lot of companies, file upload is one of the main methods for doing business with the public. As an example, let’s say that you’re customer doing business with a health insurance agency, and they’d like some records from you. Unless there’s a problem with your application, you’re not likely to ever communicate with a specific agent. Rather, you navigate to a form on their website, hit a button that takes you to a file browser, select the file you want, and submit. Thus, business is done. Even though it’s important to secure email, B2C companies do much more business using secure file upload. 

Now, let’s say that you’re not a customer, but a B2C company itself. How do you ensure that the file your customer just uploaded wasn’t harboring a virus?

How Can You Properly Vet Files Without Slowing Down Your Business?

There are two criteria for scanning file uploads from customers. The first, of course, is security—the file-scanning solution must scan every file in a segregated zone, and reliably catch malware. The second is convenience. Time is money, so the solution needs to scan as many incoming files, as quickly as possible so they can be turned around into whatever business-critical function they serve.

Security is far easier said than done. As opposed to email, which goes directly from person-to-person, secure file upload takes complicated channels. An uploaded file may go directly to central storage, or it may be sent immediately to a person, or it may go via complicated authentication and authorization workflow before even getting scanned —but that person is never a specific person, just a generic “next available agent.” With so many potential destinations and stops in the way, the best place to scan the file is not immediately clear.


Centralization is Key to Secure File Upload

With Safe-T Box (in combination with RSAccess), we create a unique secure file upload solution, which utilizes what we call a “scrubbing zone.” Essentially, we know that there’s no way to trust that any file sent from a customer, doesn’t have malware in it. All files uploaded by customers are untrusted, so our solution designates a specific area where all customer input is sent before being passed along into the internal network. The files are scanned here—not at the employee endpoint, and not while it’s in a central storage repository.

By scanning files in the scrubbing zone, we ensure that not only is every file scanned, but also that malware can’t harm anything if it executes. Furthermore, we make this solution incredibly easy to set up, easy to use with a company’s existing assets, and fast enough that it won’t slow down existing business processes.

Safe-T Makes Security and Centralization Easy

The key to this convenience is our connectors. We can integrate with the APIs of most pre-existing file upload portals, mobile apps, authentication solutions, endpoint protection software, with email providers, and with enterprise file storage solutions. Setting up our secure file upload solution, which also creates a scrubbing zone on your network, utilizing your pre-existing antivirus solution to scan files, and then automatically uploads trusted files to the designated storage or emails them to your next available agent – receiving files from your customers or citizens is now nearly as simple as drag-and-drop.

To give you some ideas of what can be achieved with our secure file upload solution, here are some examples of our customers’ usage:

  • Scan uploaded digital cheques deposited by bank customers
  • Scan uploaded scanned paper cheques deposited by bank customers
  • Scan uploaded photos of electrical hazards taken by concerned citizens
  • Scan uploaded medical documents uploaded by health practitioners
  • Scan uploaded tax return documents uploaded by citizens
  • And more….

For more information about Safe-T Box, as well as how to use it in combination with RSAccess in order to create scrubbing zones for your organization, contact us today.

<< Watch the OnDemand Webinar: Unifying Your Data Exchange >>


All posts