Relying on the help of a third party website to transfer a large file containing sensitive information raises security concerns. Who else will have access to the file? Does anyone with access to the server have unbridled reign over all files that are currently being transferred? Free file transfer

3 Primary Concerns

• Corruption of Files: When downloading a file from a third-party website, there’s a fear that some of the quality or integrity of the file got lost during the transfer, thereby making it inaccessible or usable.

• Viruses: Viruses and malware are prevalent on the Internet, and find various ways to seed into files. Since the file is going through a third party, the likelihood of being exposed to a virus seems greater than if a file were just transferred via e-mail or FTP.

• Theft: By hosting a file on a third party website know for hosting several files, your file is more likely to be stolen by a hacker. Another concern is that those with access to the data centers could read personal information from any of the files that are hosted on their servers.

Safety Methods Used

Some file transfer websites have both electronic and physical safeguards in place to protect the files being transferred. A few of the methods are data scrambling, physical safeguards, and network access control.

• Data Scrambling and Encryption: One of the more popular free file transfer websites, YouSendIt, scrambles the names of all files on the server, thereby making it impossible for an intruder to the network to identify any given file. YouSendIt promises the only ways to access or download files is either by the link given in the e-mail, or by entering your user information. The majority of file transfer websites use SSL encryption to ensure security on the uploading end as well as the receiving end.

• Physical Safeguards: Some file transfer websites utilize multiple physical safeguards to protect their data centers. YouSendIt’s facilities are protected with double-walled buildings, video surveillance, and on-site security guards.

• User Authentication and Authorization: When signing up for an account, users must enter a valid e-mail address and password. This information is then encrypted on the website sever using a one-way hash. The only ways to access a file are to enter the corresponding user name and password, or be given the direct download link.