Keeping EDI secure is a question that is increasingly on the top of business owners' minds. The benefits of exchanging transaction data using EDI are well known and established. The process of actually exchanging the EDI data however is often misunderstood and not well known even by proficient EDI users. Secure EDI is a key aspect of implementing any EDI infrastructure that your organization should insist on. An EDI transaction, even though encoded using the EDI standard, is not by definition a secure EDI document. In the event that someone intercepted your EDI message it would be relatively easy for them to decode the document and obtain access to very confidential information. All this can be prevented through a secure EDI implementation.
Understanding Secure EDI
The first step in creating a secure EDI infrastructure is to understand the communication channels your EDI software will use. Specifically, what communication protocols do your trading partners and/or VANs allow you to use to send and receive data. Secure EDI can be accomplished independent of the communication protocol, but the most popular ones tend to be Secured FTP and HTTPS. Regardless of whether you use a VAN or communicate directly to your partner, you should ensure that your EDI transactions are secure EDI by using either the FTPs, the sFTP or HTTPs protocols. The easiest way to accomplish secure EDI communication channels is to acquire software specifically designed to be compatible with secure EDI methodologies. Often this type of software is referred to as "AS2" software but most frequently these software package support more than just the AS2 protocol.
What protocol is secure EDI? By now you may be confused by all these acronyms. FTP, FTPS, AS2 - it seems very daunting. In reality it's really rather simple. In the world of secure EDI there are three main protocols used to exchange EDI data in a secure manner. AS1 is simply the SMTP e-mail protocol that is being used in an encrypted means to exchange EDI data. Similarly, AS2 is nothing more than the HTTP protocol used in a secure manner, and finally the AS3 protocol specifies the use of a secure FTP channel to exchange data.
How do you Select a Secure EDI Provider?
As you start getting more comfortable with secure EDI the process of selecting a software vendor will become easier. The first question you should ask is how many of the secure EDI protocols the software in question can support. Additionally, if you are going to be using the AS2 protocol you should inquire if the software has received what is known as a Drummond certification. This certification is given by an industry watchdog organization known as the Drummond Group that tests secure EDI software and ensures that it meets the specifications as defined.
The world of EDI can be very complicated at first blush. Once you start to understand some of the core terminology and concepts, however, you will find that getting a good working knowledge of EDI is not as difficult as it first seemed. Along the way its important to work with companies that can help you make sense of the entire process and that can provide you with tools and services that will make your experience with EDI better and easier. With over 15 years of experience helping small and mid-sized organizations, EMANIO is just such a provider.