Blog

Forward Proxy vs. Reverse Proxy Servers

Posted by John V. on Tue, Jun 15, 2021 @ 10:30 AM

Overview: Forward Proxy vs. Reverse Proxy

We've talked about reverse proxy servers and how they can really be good at protecting the servers in your internal network. Lately, however, we've realized that some people actually think we're talking about forward proxy servers or that the two are the same, but they're not. This post will explain the differences between forward proxy and reverse proxy use cases.

Read More

Topics: JSCAPE MFT Gateway, Compliance, Reverse Proxy

What Is HTTP Strict Transport Security (HSTS)?

Posted by John Carl Villanueva on Sat, Jan 16, 2021 @ 04:30 AM

When I first read about HSTS, my first reaction was, "What's this? A replacement for HTTPS? Considering the ubiquity of HTTPS, shouldn't we be working to improve it first instead of replacing it?" Turned out, my initial understanding of HTTP Strict Transport Security was off the mark. 

Read More

Topics: Security, Compliance, Secure File Transfer

How To Secure And Protect Data At Rest

Posted by John Carl Villanueva on Thu, Jul 09, 2020 @ 03:52 AM

To prevent confidential data from leaking out of your organization or getting stolen, your cyber security efforts have to be aimed at two areas: securing data-at-rest and securing data-in-transit (sometimes referred to as data-in-use). Data-in-transit is often secured by protocols that use an Advanced Encryption Standard (AES) and require encryption keys. But what about data-at-rest protection?

Read More

Topics: JSCAPE MFT Server, Security, Data Loss Prevention, Compliance

What is FIPS Compliance & Should I Enable it for File Transfers?

Posted by John Carl Villanueva on Mon, Dec 31, 2018 @ 01:16 AM

JSCAPE MFT Server encrypted file transfer protocols like SFTP and those secured through TLS (e.g. HTTPS, FTPS, AS2, OFTP, and WebDAVS) can be configured for FIPS compliance. Since this is a function that isn't switched on by default, you might wonder if it's necessary to enable it at all. 

Read More

Topics: JSCAPE MFT Server, Managed File Transfer, Compliance, Secure File Transfer, SFTP, FTPS

How to Find Rogue FTP Servers & IP Addresses | JSCAPE

Posted by John Carl Villanueva on Wed, Sep 19, 2018 @ 11:23 AM

Note: This blog post was originally published on November 30, 2012 but was updated and republished on September 19, 2018.

Overview

Rogue FTP servers can be a menace. Not only do they pose a serious threat to company privacy, they can also stand in the way of regulatory compliance. In this post, you'll learn where these servers come from, what specific dangers accompany them, and how they can be detected.

 

Read More

Topics: Managed File Transfer, Security, Compliance, JSCAPE MFT Monitor

Required MFT Server Password Settings for PCI DSS Compliance - Part 2

Posted by John Carl Villanueva on Thu, Sep 13, 2018 @ 04:38 AM

In part 1, we enumerated all PCI-DSS requirements that directly affected password settings and practices. Here, we're going to show you how and where in JSCAPE MFT Server you can configure settings in order to meet those requirements.

Read More

Topics: JSCAPE MFT Server, Managed File Transfer, Security, Compliance, Secure File Transfer

Required MFT Server Password Settings for PCI DSS Compliance - Part 1

Posted by John Carl Villanueva on Thu, Sep 13, 2018 @ 04:37 AM

This article was originally published on May 18, 2012 but was updated on September 12, 2018 to align with PCI DSS 3.2.1.

 

Overview

Certain PCI-DSS requirements dictate how passwords should be generated, managed and used in file transfer systems located within or connected to your cardholder data environment. In this post, we'll identify what those requirements are and then point to ways you can meet them when using JSCAPE MFT Server.

Read More

Topics: JSCAPE MFT Server, Managed File Transfer, Security, Compliance, PCI-DSS, Secure File Transfer

Guide to HIPAA Compliant File Transfers - Part 3

Posted by John Carl Villanueva on Thu, Jul 19, 2018 @ 03:40 AM

Guide to HIPAA Compliant File Transfers - Part 2

Read More

Topics: Managed File Transfer, Security, Compliance

What is TOTP? | Time-Based One-Time Password | JSCAPE

Posted by John Carl Villanueva on Wed, Jul 18, 2018 @ 05:30 PM

TOTP or Time-based One Time Password is an algorithm that factors in the current time to generate a unique one-time password. It is increasingly becoming an option for 2-factor authentication (where it is typically used alongside username/password authentication) in secure cloud / web-based applications. 

Read More

Topics: JSCAPE MFT Server, Managed File Transfer, Security, Compliance, Secure File Transfer

Groups and their role in regulatory compliance - Part 2

Posted by John Carl Villanueva on Thu, May 10, 2018 @ 04:20 AM

Let's now see those groups we talked about in Part 1 in action. You might want to review the Group memberships found in the later part of Part 1 and see which user(s) belong to which group.

Read More

Topics: JSCAPE MFT Server, Compliance, AnyClient