Retail chain delivers daily inventory data to every store — no VPN, AES-encrypted, on schedule.
A retail chain needed to push fresh inventory and catalog data from headquarters to every store, every morning, before automated systems updated the registers and customer-facing displays. The challenge: most stores didn't have site-to-site VPN tunnels back to HQ, the data had to traverse the public internet securely, and some stores ran on low-bandwidth connections. They needed a transfer mechanism that was secure, lightweight, and bulletproof on schedule.
One headquarters. Many stores. A morning deadline.
Every morning before opening, each retail store needed the latest dataset from headquarters — current inventory levels, pricing updates, new SKUs, promotional catalog files. Downstream automation at each store would then ingest the data, update local systems, and refresh the registers, scanners, and customer-facing displays. If the data wasn't sitting on the store's local Windows file share when those automated jobs ran, the day started wrong.
The hard part wasn't the data — it was the path. Building site-to-site VPN tunnels to every store would have meant new firewall hardware, ongoing tunnel maintenance, and IT overhead at every location. Some stores ran on consumer-grade internet connections where a heavy transport protocol would simply fail. And because the data crossed the public internet, security wasn't optional — it had to be encrypted end-to-end, with an audit trail compliance could sign off on.
One source. Many destinations. One TCP port each.
GS RichCopy 360 Enterprise sat at headquarters as the central distribution server. RTA clients ran on every store's file server, each waiting on a single inbound TCP port.
A morning data drop is no place for a complicated stack.
For a daily, scheduled, secure data distribution to many small remote sites, each conventional option came with deal-breakers.
Site-to-site VPNs were too heavy
Standing up and maintaining VPN tunnels to every store would have meant new firewall hardware, ongoing IT involvement at every site, and a tunnel for every store that needed monitoring and renewal.
Plain FTP / SMB over the internet wasn't secure
Sending business-critical inventory and pricing data over the public internet in cleartext was a non-starter for compliance — and an obvious risk of being sniffed in transit.
SFTP and cloud sync had blind spots
SFTP setups quickly became a sprawl of credentials and scripts across many stores. Cloud sync tools required platform accounts at every location and didn't fit cleanly into the existing Windows file-share workflow.
Low-bandwidth stores couldn't take the hit
Some stores ran on modest internet connections. Uncompressed transfers and chatty protocols simply didn't complete in time for the morning ingest window.
GS RichCopy 360 at HQ. RTA at every store.
The team installed GS RichCopy 360 Enterprise on the source server at headquarters and the RTA (RichCopy Transfer Agent) on every store's Windows file server — a clean hub-and-spoke pattern.
Single TCP Port, Multi-Channeled
Each store needed exactly one inbound TCP port open. RTA's multi-channeled transport handles many files simultaneously on that single connection — no VPN tunnels, no port ranges, no firewall sprawl.
AES 128 / 256 Encryption
Data is encrypted with AES 128 or 256-bit encryption — the same standard used in government and online banking — with no certificate infrastructure to deploy. Compression in transit keeps low-bandwidth stores within their window.
Scheduled Service + Compliance Email
Jobs run as a Windows service on a set daily schedule. On completion, RichCopy 360 emails a compliance mailbox with a full per-store log attached — auditable proof that every store received its data, every day.
What made this work was the combination of one TCP port + AES encryption + in-transit compression. RTA isn't a VPN replacement in the routing sense, but for the purpose of secure file transfer to remote sites without a VPN, it does the job better than a VPN tunnel would. The single port keeps the network footprint trivial. AES protects the data on the wire — the same encryption used for online banking, with no certificate complexity. And in-transit compression means even stores on weak connections finish their morning data drop in time.
The operational piece is just as important. Because RichCopy 360 runs as a Windows service on a schedule, no one logs in every morning to start the job. Because every completion fires an email — with the full transfer log attached — to the compliance mailbox, the team has a continuous audit trail that proves every store received its data on time. If a job fails, the email tells them which store and why, before stores even open.
Every store. Every morning. Encrypted. On time.
Real daily distribution, real encryption, real audit trail.
For HQ-to-branch data, you don't need a VPN. You need a transport.
Building VPN tunnels to every remote site solves a routing problem the retail chain didn't actually have. They didn't need general network connectivity to each store — they needed one secure, scheduled, encrypted file drop, every morning, to every site. GS RichCopy 360 Enterprise with the RTA gave them exactly that: one TCP port, AES-encrypted, compressed for low-bandwidth stores, scheduled as a service, and audit-trailed via email. The morning data was there before the doors opened.
Distributing data to remote sites without VPNs?
GS RichCopy 360 Enterprise with the RTA client delivers secure, AES-encrypted file transfer over the public internet — one TCP port, compression in transit, scheduled as a service, with compliance email reporting built in.