File Transfer Protocol, commonly known as FTP, is the method of using a standard network protocol to securely and confidentially transfer files via a computer network. There are various types of file transfer protocols but FTP is one of the more common methods used within the legal industry. FTP is typically secured through the attachment of SSL/TLS (FTPS).
SSL is short for Secure Sockets Layer, which is issued in the form of a SSL certificate. SSL is a globally recognized standard of security that utilizes encryptions to facilitate communications from browser to server.
With FTP, clients can confidently upload relevant esi and matter information to their eDiscovery support teams without the fear of compromising security. FTP can be used to transfer nearly any file type or size making it convenient when faced with information governance concerns. Allowing teams to streamline information workflows even when handling numerous different native files.
This process is useful when it becomes time for both data load in for processing and data export for production being that when performed properly it’s defensible and streamlined saving counsel from downstream risks.
Data privacy, confidentiality, and authenticity are not compromise-able within eDiscovery and digital forensics. Any degree of doubt within the data can bring massive implications. This makes it crucial that legal teams are using tried and vetted processes with necessary checks and balances in place.
However, the conversation doesn’t end simply with using FTP to move data. It is equally as important that information is transferred to an equally if not heavier secured environment or server. Cold storage (offline, local server) is preferred over cloud storage due to the inherent risks that come with managing data in the cloud.
Given that, whenever counsel is preparing to move data and is inquiring about secure FTP protocols. They should also be aware of where their data is being hosted.
At TERIS, digital and physical security is upmost concern. TERIS is SOC2 certified, ITAR registered, and HIPAA compliant.