Don’t get caught out by risking a data breach. Protect the personal data you hold – and your business – when sending it to a third party (e.g. for cleansing and analytical purposes).
The following guidelines for transferring marketing data between two locations are recommended by the Direct Marketing Association as best practice.
Marketscan can offer advice on the best method for your business and help you with transferring data securely. Additionally, a confidentiality agreement can be set up before any data transfer takes place.
Before Transfer
Before the transfer of any marketing data is undertaken, consider:
- Is the transfer really necessary? Do not move data unless you really need to!
- Are you transferring more than is needed? Reduce the amount of data you move to minimise the risk and consequential damage if it does get lost. Consider sending only those records that are needed or only the specific fields that are required.
- Are you certain that the recipient of your data is authorised to receive and process it?
- Are you certain that your recipient has adequate security measures to safeguard your data?
- Do all parties have the correct data protection notification?
- Are there sufficient security measures in place, including encryption, pseudonymisation and a secure transfer method?
Methods of Transfer
Having ascertained that a transfer is required and reduced the data to the minimum necessary, it is important to consider HOW the data is transferred. Many methods of moving data from place to place are available but the main ones to consider are as follows:
- Secure File Transfer Protocol (SFTP)
- File Transfer Protocol (FTP)
- FTP/S
- HTTP/S
- Physical transfer by courier or post
These have been listed in order of preference for guaranteeing the maximum level of security.
1. Secure File Transfer Protocol (SFTP)
- This method is a point-to-point transfer from client to server.
- Data is transferred directly from one machine to another and is encrypted throughout the journey.
- With SFTP, sending usernames and passwords in clear text is a thing of the past.
- Furthermore, this is completely transparent to the user and the way the application behaves is the same.
- SFTP software is available at a reasonable cost from many suppliers.
Encrypt files separately
Separately compress and encrypt files BEFORE transfer so that access to the data is still controlled once on the recipient’s server. Various software applications are available for this – research to find the most appropriate for your purpose.
Set strong passwords
Passwords used for both file compression and the SFTP session should be unique and strong – meaning at least 10 characters, containing both numbers and letters and not based on a dictionary word.
Exchange passwords separately from the files
Ensure that passwords are exchanged securely – and separately from the data files, over a different channel.
Expire passwords
SFTP passwords should expire after a suitable time period.
Log all transfers
All transfers should be properly logged to enable proof of delivery – and to check that downloads are only actioned by authorised parties.
Remove files from SFTP servers immediately after transfer
Data should be promptly removed from your SFTP servers after download by the recipient and in accordance with your organisation’s data retention policy.
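The "encrypt files separately" guidance above (and the AES256 recommendation given later for courier and email transfers) can be illustrated with a small Go program. This is an added example, not code from Marketscan or the DMA: it gzip-compresses a constructed sample file and encrypts it with AES-256-GCM before it is handed to SFTP, so the data stays protected once it is sitting on the recipient's server. A random 256-bit key is generated and shown in hex for reading out to the recipient by telephone; a password-derived key would instead need a proper key-derivation function such as PBKDF2 or scrypt, which is left out here to keep to the standard library. The file layout (12-byte nonce followed by ciphertext and tag) is this example's own assumption.

```go
package main

import (
	"bytes"
	"compress/gzip"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
)

// NewKey generates a random 256-bit key. Its hex form is what the sender
// reads out to the recipient over a separate channel (e.g. the telephone).
func NewKey() ([]byte, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	return key, nil
}

// Seal compresses the data with gzip and then encrypts it with AES-256-GCM.
// Output layout (assumed for this example): 12-byte nonce || ciphertext || 16-byte tag.
func Seal(plain, key []byte) ([]byte, error) {
	var zbuf bytes.Buffer
	zw := gzip.NewWriter(&zbuf)
	if _, err := zw.Write(plain); err != nil {
		return nil, err
	}
	if err := zw.Close(); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// Seal appends ciphertext+tag to the nonce so the file carries everything needed to decrypt.
	return gcm.Seal(nonce, nonce, zbuf.Bytes(), nil), nil
}

// Open reverses Seal. A wrong key or a file altered in transit fails the GCM tag check,
// so the recipient never gets silently corrupted records.
func Open(sealed, key []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("sealed file too short to contain a nonce")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	z, err := gcm.Open(nil, nonce, ct, nil)
	if err != nil {
		return nil, fmt.Errorf("decryption failed (wrong key or tampered file): %w", err)
	}
	zr, err := gzip.NewReader(bytes.NewReader(z))
	if err != nil {
		return nil, err
	}
	defer zr.Close()
	return io.ReadAll(zr)
}

func main() {
	// Constructed sample marketing records; not real personal data.
	records := []byte("id,email,postcode\n1,alice@example.com,AB1 2CD\n2,bob@example.com,EF3 4GH\n")
	key, err := NewKey()
	if err != nil {
		panic(err)
	}
	sealed, err := Seal(records, key)
	if err != nil {
		panic(err)
	}
	fmt.Printf("key to pass on by telephone: %s\n", hex.EncodeToString(key))
	fmt.Printf("sealed %d plaintext bytes into %d bytes for upload\n", len(records), len(sealed))
	back, err := Open(sealed, key)
	if err != nil {
		panic(err)
	}
	fmt.Printf("recipient recovered %d bytes, identical: %v\n", len(back), bytes.Equal(back, records))
}
```

The sealed output is what goes onto the SFTP server; the key travels by a different route, which is exactly the "exchange passwords separately" point. Because GCM authenticates the ciphertext, the recipient also gets an integrity check for free.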
2. File Transfer Protocol (FTP)
- FTP is a point-to-point transfer from client to server.
- Data is transferred directly from one machine to another but the transfer is NOT encrypted.
- All data is passed back and forth between the client and server without the use of encryption.
- This does make it possible for an eavesdropper to listen in and retrieve confidential information, including login details.
- FTP is not as secure as SFTP but, if the additional guidelines below are followed, is probably better than the alternative methods listed.
Encrypt files separately
Because FTP does not automatically encrypt data, you should compress and encrypt files using another software program before transferring via FTP.
Be extra secure with passwords
It is even more important that the rules above relating to passwords and removal of data are followed.
Log all transfers
All transfers should be properly logged to enable proof of delivery – and to check that downloads are only actioned by authorised parties.
Remove all files from FTP servers immediately after transfer
Data should be promptly removed from your FTP servers after download by the recipient and in accordance with your organisation’s data retention policy.
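The "log all transfers" and "remove files after transfer" points made for both SFTP and FTP above come down to two routine checks over the server's transfer log: were any downloads made by accounts that are not the authorised recipient, and which uploaded files are now due for deletion? The Go program below is an added example, not Marketscan's or the DMA's code. The log line format, the account names, the IP addresses and the allow-list are all constructed for illustration; a real SFTP or FTP server writes its own format and the parser would need adjusting to it.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
	"time"
)

// Event is one parsed line of the constructed transfer log below.
type Event struct {
	When time.Time
	Op   string // "PUT" = we uploaded the file, "GET" = someone downloaded it
	Path string
	User string
	IP   string
}

// sampleLog is constructed for this example; the format is assumed, not any product's.
const sampleLog = `2024-05-01T08:55:10Z PUT /outbound/campaign_may.csv.enc user=ms_ops ip=192.0.2.5
2024-05-01T09:12:03Z GET /outbound/campaign_may.csv.enc user=acme_jane ip=203.0.113.10
2024-05-01T11:40:44Z GET /outbound/campaign_may.csv.enc user=unknown_bob ip=198.51.100.7
2024-05-02T07:01:00Z PUT /outbound/suppress_list.csv.enc user=ms_ops ip=192.0.2.5`

// allowedRecipients maps each file to the accounts authorised to download it (constructed).
var allowedRecipients = map[string][]string{
	"/outbound/campaign_may.csv.enc":  {"acme_jane"},
	"/outbound/suppress_list.csv.enc": {"acme_jane"},
}

// ParseLog turns the log text into events, rejecting malformed lines rather than skipping them.
func ParseLog(text string) ([]Event, error) {
	var out []Event
	for n, line := range strings.Split(strings.TrimSpace(text), "\n") {
		f := strings.Fields(line)
		if len(f) != 5 {
			return nil, fmt.Errorf("line %d: expected 5 fields, got %d", n+1, len(f))
		}
		when, err := time.Parse(time.RFC3339, f[0])
		if err != nil {
			return nil, fmt.Errorf("line %d: %w", n+1, err)
		}
		out = append(out, Event{
			When: when, Op: f[1], Path: f[2],
			User: strings.TrimPrefix(f[3], "user="),
			IP:   strings.TrimPrefix(f[4], "ip="),
		})
	}
	return out, nil
}

func isAllowed(allowed map[string][]string, path, user string) bool {
	for _, u := range allowed[path] {
		if u == user {
			return true
		}
	}
	return false
}

// UnauthorisedDownloads returns every GET by an account not on the allow-list for that file.
func UnauthorisedDownloads(events []Event, allowed map[string][]string) []Event {
	var bad []Event
	for _, e := range events {
		if e.Op == "GET" && !isAllowed(allowed, e.Path, e.User) {
			bad = append(bad, e)
		}
	}
	return bad
}

// FilesToRemove lists uploaded files that should now be deleted: either an authorised
// recipient has downloaded them (proof of delivery) or they have exceeded the retention
// period maxAge without being collected.
func FilesToRemove(events []Event, allowed map[string][]string, now time.Time, maxAge time.Duration) []string {
	uploaded := map[string]time.Time{}
	delivered := map[string]bool{}
	for _, e := range events {
		switch e.Op {
		case "PUT":
			uploaded[e.Path] = e.When
		case "GET":
			if isAllowed(allowed, e.Path, e.User) {
				delivered[e.Path] = true
			}
		}
	}
	var due []string
	for path, t := range uploaded {
		if delivered[path] || now.Sub(t) > maxAge {
			due = append(due, path)
		}
	}
	sort.Strings(due)
	return due
}

func main() {
	events, err := ParseLog(sampleLog)
	if err != nil {
		panic(err)
	}
	for _, e := range UnauthorisedDownloads(events, allowedRecipients) {
		fmt.Printf("ALERT: %s downloaded by %s from %s at %s\n", e.Path, e.User, e.IP, e.When.Format(time.RFC3339))
	}
	now, _ := time.Parse(time.RFC3339, "2024-05-02T08:00:00Z")
	fmt.Println("files to delete now:", FilesToRemove(events, allowedRecipients, now, 7*24*time.Hour))
}
```

Run daily, the first check is the "downloads only actioned by authorised parties" control and the second is the retention control; the alert for unknown_bob in the sample is the kind of entry that should trigger an investigation of the account and a review of who else holds credentials for the server.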
3. FTP/S
- This is the same protocol as SFTP but with data encrypted using Secure Sockets Layer (SSL) encryption.
- If you use this protocol, check that your server is configured to encrypt both the authentication and the data transfer layers – as often only the authentication is encrypted.
- If both encryptions are enabled, then this method is at a similar level of security to SFTP and has the added advantage of not requiring anything other than a browser to access.
4. HTTP/S
- This protocol is often used for files being downloaded from web servers.
- It can be very secure and is very convenient to the end user as files can be downloaded easily via web links and email links.
- It should be noted though that it is probably only suitable for relatively small files as transfers cannot be resumed if interrupted and have to be restarted from the beginning.
5. Physical transfer by courier or post
Physical media transfer carries a much higher risk of data getting lost, damaged or delivered to the wrong person. If this is the only method of data transfer available, then the following guidelines should be followed.
Depersonalise
Ensure that your data is minimised – and preferably depersonalised.
Encrypt
Protect the data with strong encryption – AES256 is recommended.
Use strong passwords
Send strong, unique passwords to your recipient by a separate means.
Use specialist data couriers
Use a courier with a specialist data service if possible.
Have good contracts
Have a good contract with your courier service. If this is to be regular and the data is high value, consider asking to see your courier’s security policies.
Confirm delivery
Confirm delivery with your recipient.
Check signatures
Ensure that signatures and receipts are readable and available quickly.
6. Email
The main problem with transferring data via email is that in most cases the message is not transmitted directly from sender to receiver. There may be several server-to-server hops for the message, each one of which is a potential resting place for a copy of the original message.
Additionally, a copy of the data sent is likely to remain in the accounts of the sender and recipient and on the mail servers of the respective locations. If using this kind of transfer, then the following guidelines should be followed.
Depersonalise
Ensure that the data is minimised and depersonalised.
Encrypt
Protect the data with strong encryption before attachment – AES256 is recommended.
Use strong passwords
At least 10 characters, containing both numbers and letters and not based on a dictionary word. Send strong, unique passwords to your recipient separately – preferably by telephone rather than another email message.
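The password rule stated here and in the SFTP section (at least 10 characters, both letters and digits, not based on a dictionary word) is easy to turn into a check that runs before a file is compressed and encrypted. The Go function below is an added example, not code from the page's authors; the six-word dictionary is constructed for illustration and a real check would load a full word list. The "based on a dictionary word" test is this example's interpretation: it strips digits and symbols, lower-cases what is left and rejects the password if a dictionary word makes up at least half of it, so "Password2024!" fails even though it meets the length and character rules.

```go
package main

import (
	"fmt"
	"strings"
	"unicode"
)

// dictionary is a constructed stand-in for a real word list.
var dictionary = []string{"password", "marketing", "welcome", "summer", "london", "letmein"}

// CheckPassword applies the three-part rule and returns the requirements that failed
// (an empty slice means the password is acceptable).
func CheckPassword(pw string) []string {
	var fails []string
	if len([]rune(pw)) < 10 {
		fails = append(fails, "shorter than 10 characters")
	}
	hasLetter, hasDigit := false, false
	for _, r := range pw {
		if unicode.IsLetter(r) {
			hasLetter = true
		}
		if unicode.IsDigit(r) {
			hasDigit = true
		}
	}
	if !hasLetter || !hasDigit {
		fails = append(fails, "needs both letters and digits")
	}
	// Keep only the letters, lower-cased, so appended digits or symbols cannot disguise a word.
	letters := strings.Map(func(r rune) rune {
		if unicode.IsLetter(r) {
			return unicode.ToLower(r)
		}
		return -1
	}, pw)
	for _, w := range dictionary {
		if strings.Contains(letters, w) && len(w)*2 >= len(letters) {
			fails = append(fails, fmt.Sprintf("based on dictionary word %q", w))
			break
		}
	}
	return fails
}

func main() {
	for _, pw := range []string{"CorrectHorse7", "Password2024!", "abc123", "marketingdata"} {
		if f := CheckPassword(pw); len(f) == 0 {
			fmt.Printf("%-15s OK\n", pw)
		} else {
			fmt.Printf("%-15s rejected: %s\n", pw, strings.Join(f, "; "))
		}
	}
}
```

Returning the list of failed requirements rather than a bare true/false lets the sender see which rule was broken and fix it before the password is read out to the recipient.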
Check tracking receipt
Ask for a tracking receipt so you know when the email is opened.
Delete email from all email folders
Delete the attachments and the sent email, plus any draft copies, after the message receipt is confirmed.