Pharma Company Uses MOVEit to Meet Security and Compliance Standards

Pharma Company Case Study Thumbnail
Industries:
Life Sciences
Products:
MOVEit

Challenge

  • Integrating acquired companies while meeting compliance policies
  • Replacing FTP products used by acquired companies with a secure, centralized solution
  • Automating critical and repetitive tasks to run based on schedule or events

Solution

  • Progress® MOVEit® Central Enterprise to automate file-based business processes
  • MOVEit Central Enterprise PGP & ASx Modules for PGP encryption/decryption and key management functionality and secure EDI transfer
  • Progress MOVEit Cloud Premium, enabling all employees to securely transfer files internally and externally

 

 

Result

  • Tasks that took days now take five minutes to accomplish
  • Automated twenty major, regularly scheduled tasks
  • Complete audit and governance of all file transfers
  • Plans for enabling secure pharmacy orders via web application

Full Story

Challenge

The pharmaceutical industry is highly regulated – and highly competitive – and secure transfer of confidential and proprietary data is imperative. For one major pharmaceutical company – with hundreds of products and operations around the globe, secure file transfer has taken on special importance.

The company had been growing rapidly, in part through an acquisition strategy. New companies joining the family presented a real integration challenge. “Each company had its own approach to file transfer,” reported the firm’s Head of Information Security.

“Some were using customized solutions, some manual FTP, sometimes not especially secure. We even had some instances where people were shipping hard drives around. This was a nightmare from a security and compliance standpoint. We really needed to acquire a centralized solution for use throughout the company.”

Security and compliance are critical areas for us. We need to ensure that the proper, secure controls are in place. And we need to have a complete audit trail of all activity. The MOVEit products fully satisfy these requirements.

Head of Information Security

Major Pharmaceutical Company

Solution

After evaluating a number of file transfer products and conducting proof of concepts with four vendors, this pharmaceutical company chose Progress as their provider. “Security was a major element of our criteria,” the Information Security Chief noted. “Features like support for PGP encryption and FIPS 140-2 cryptography validation were critical, and, given our web application plans, MOVEit's support for AS2 and AS3 future-proofs our decision.”

 

The security of MOVEit's data centers, which are SSAE 16 certified, was another key factor. Compliance was also important. With MOVEit, the company has a complete tamper-evident audit trail of all file transfers. “As a 24/7 operation, having a failover solution was also deemed critical. MOVEit was able to provide all this at an attractive price point."

 

The pharmaceutical company carries out a wide range of file transfers. “We regularly transfer confidential data externally, for instance, when we deliver clinical trial results to the FDA. We also take in external data, which we need to secure before it gets inside our trusted network. Also, we have a number of very important internal integration tasks that run on a regular schedule, one example being our payroll process. This is obviously highly sensitive data that’s being submitted from multiple global locations, and we need to make sure that no one can access or open that content as it moves to our central HR systems."

 

In addition, there are collaboration efforts underway. For example, in-house developers work on ERP applications with outsourcing groups and they need a way to securely manage their code base. Further, there is the occasional, day-to-day file transfer that employees do, both internally and externally.

Result

To satisfy all of these needs, the company is deploying a hybrid approach. Payroll and other regular file transfer tasks are handled with MOVEit Central. Files are encrypted and sent from the point of origin to a source server, and MOVEit Central transfers it automatically to the destination server. Task time has been greatly reduced and the files cannot be accessed by anyone outside of HR. The company now has a complete audit trail covering all activity.

 

For inbound data from external users, the files first go to the cloud. From there, Central retrieves it and brings it inside the trusted network: no external users or systems have direct access to this network, keeping it secure. The company also plans to offer pharmacies a way to order products via the web, seamlessly integrating Central’s ASx support with web applications.

MOVEit Cloud is deployed as an easy-to-use solution for general employee needs, whether they’re transferring secure files internally or externally. The company uses the Cloud as the code exchange between in-house developers and their outsourced partners, who are collaborating on ERP applications. "I want to make transferring files as easy as possible for my users. With MOVEit Cloud, they don't need to do cumbersome and error-prone manual file transfers.” The company has started to roll out MOVEit Cloud to all of its many thousands of employees.

 

With MOVEit, the Head of Information Security says, “People get what they want and need – a seamless, simple to use solution, and we get what we want – and need – as a company: security and compliance. This is a tremendous win for us.”

People get what they want and need – a seamless, simple to use solution, and we get what we want – and need – as a company: security and compliance. This is a tremendous win for us.

Head of Information Security

Major Pharmaceutical Company

Learn more
about the products

MOVEit

Keep exploring
stories like this one

Read Next Story