Managed File Transfer and Network Solutions

"Always use strong passwords." - You probably don't pay too much attention to this advice, do you? A lot of people don't either. That's why brute force is still one of the favorite techniques for breaking into any password-protected system, including FTP servers. It's really not very difficult to carry out. Let me show you.  

Overview

Rogue FTP servers can be a menace. Not only do they pose a serious threat to company privacy, they can also stand in the way of regulatory compliance. In this post, you'll learn where these servers come from, what specific dangers accompany them, and how they can be detected.

Overview

A lot of people who often send files just love FTP. The File Transfer Protocol allows users to transmit volumes of files over the Internet through uncomplicated FTP clients, some of which are already built-in in the two popular operating systems, Windows and Mac OS X. Sadly, this well-loved technology is not very secure. That's why people who craft regulations like PCI DSS are wary of it. They know that an attacker armed with a packet sniffer can easily obtain usernames and passwords just by sniffing an FTP connection. 

Overview

Every year since 2010, Ponemon Institute conducts a research entitled "Cost of Cyber Crime Study". One of the main goals of the study is to quantify the economic impact of cyber attacks. This information is meant to help organizations determine the appropriate capital investment for countering these attacks or minimizing their impact. 

There are a number of things to consider when setting up the reverse proxy and firewalls in your DMZ. These things are going to have a significant impact on the performance and security not only on your file transfers but for your entire network in general, so you really need to weigh the advantages and disadvantages of each set up before deciding how you are going to put everything together. 

Overview

Whenever you generate a server key on JSCAPE MFT Server, you're asked to specify a key length. Since longer keys translate to stronger security, choosing the longer key length might seem like a no-brainer. But why did JSCAPE have to include an option for a shorter key then? Will there be instances where you'll have to choose the shorter key? The answer is yes. And in this post, we'll explain when that can be the case.

Overview

PCI-DSS (Payment Card Industry Data Security Standard) contains a couple of requirements that practically discourage organizations who handle credit card data from using FTP for their file transfers. In this post, we'll examine those requirements more closely to see what the options are for those who still find it difficult to ditch this antiquated technology. 

Applying OpenPGP encryption to a file containing credit card numbers

In Part 1, we showed you how to configure DLP on a group directory in order to detect uploaded files that contained credit card numbers. Then in Part 2, we laid out the steps for sending an automatic email notification whenever such files were detected. This time, we're going to teach you how to protect those files using OpenPGP encryption.  

If you followed the steps in Part 1, then you should now have a DLP-enabled group. That group directory will have the capability to detect files stored in it that contain certain credit card numbers. If a member of that group attempts to download such a file, the server will prevent the download from taking place and fire a "DLP rule matched" event. In the screenshot below, a user is prevented by JSCAPE's DLP from downloading a file containing MasterCard numbers.

Overview

A large majority of data security breaches are actually caused by insiders. In fact, one Ponemon study revealed that 39% of data security breaches are due to non-malicious employee errors. In a file transfer server, where multiple users can share a single folder, such incidents can easily happen.