In part 1, we enumerated all PCI-DSS requirements that directly affected password settings and practices. Here, we're going to show you how and where in JSCAPE MFT Server you can configure settings in order to meet those requirements.
Managed File Transfer and Network Solutions
This article was originally published on May 18, 2012 but was updated on September 12, 2018 to align with PCI DSS 3.2.1.
Certain PCI-DSS requirements dictate how passwords should be generated, managed and used in file transfer systems located within or connected to your cardholder data environment. In this post, we'll identify what those requirements are and then point to ways you can meet them when using JSCAPE MFT Server.
Note: This post was originally posted on July 6, 2012 but was updated on August 28, 2018
Whenever you generate a server key on JSCAPE MFT Server, you're asked to specify a key length. Since longer keys translate to stronger security, choosing the longer key length might seem like a no-brainer. But why did JSCAPE have to include an option for a shorter key then? Will there be instances where you'll have to choose the shorter key? The answer is yes. And in this post, we'll explain when that can be the case.
Ever since we introduced Web SSO support in JSCAPE MFT Server (way back in version 8.8), the number of adopters for this method of authentication has been steadily growing. We're not surprised, considering how SSO greatly simplifies end user authentication in organizations that use several web-based applications.Read More
TOTP or Time-based One Time Password is an algorithm that factors in the current time to generate a unique one-time password. It is increasingly becoming an option for 2-factor authentication (where it is typically used alongside username/password authentication) in secure cloud / web-based applications.Read More
In this post, you'll learn how to set up a web-based file transfer service using JSCAPE MFT Server. A web file transfer will allow your users to perform file transfers without having to install a file transfer client. To upload or download files, they'll just need to fire up their favorite Web browser like Firefox, Chrome, Safari, Internet Explorer, or Edge, enter the web server's URL, and login to the interface.
This article was updated on June 11, 2018
In one of my previous posts, I defined what an SSL file transfer is. Today, I'm going to show you how to actually set up an SSL file transfer service on JSCAPE MFT Server. After that, I'll demonstrate how an AnyClient user would connect to your server and perform a secure file transfer using that particular service.
The security of any SSL/TLS-protected connection largely depends on the client and server's choice of cipher suites. If you use file transfer protocols like HTTPS, FTPS, and AS2 but don't know what cipher suites are, you will want to read this post.Read More
Here's something that's particularly useful if you want to provide access control to JSCAPE MFT Server directories based on need to know and according to job responsibilities. It's called Groups. JSCAPE managed file transfer server Groups are named sets of virtual directories and file system permissions that may be assigned to multiple user accounts. You can use them to comply with certain laws and regulations like PCI-DSS, HIPAA, and SOX.
The ability to support ICAP antivirus scanning is one of the key features of JSCAPE MFT Server 10.2. But what is it? How can your end users, trading partners, and system administrators benefit from it? How does it match up against traditional file transfer virus scanning solutions? We answer these questions and more in this blog post.Read More