[Last updated: January 2021] When I first read about HSTS, my first reaction was, "What's this? A replacement for HTTPS? Considering the ubiquity of HTTPS, shouldn't we be working to improve it first instead of replacing it?" Turned out, my initial understanding of HTTP Strict Transport Security was off the mark.Read More
[Last updated: January 2021] People who use SSL/TLS to secure their online transactions/file transfers are mostly only familiar with two of its security functions: 1. That it can encrypt data in transit and 2. That it can enable clients to authenticate the server. They're likely not making use of another feature that can greatly enhance SSL security even more - client certificate authentication.
We already talked about client certificate authentication and its benefits on a previous post, so if you want to learn more about it, I suggest you click that link. In that post, we never got to talk about how to enable client certificate authentication on the server side. This quick post will be all about that.
[Last updated: December 2020] Malicious insiders and careless insiders are increasingly posing serious risks to file transfer systems. If nothing is done to mitigate them, these internal threats can cause data loss or, worse, massive penalty-inducing data breaches. In this post, we take a closer look at internal threats, how they put file transfer systems at risk, and what you can do to mitigate them.
Businesses that deal with large files such as high-definition videos, 3D CAD models, and so on, sometimes need to transfer these files to another department or to a trading partner located in another state, country, or continent. In situations like this, it pays to know how to securely transfer large files over the Internet.Read More
Files you upload to an Amazon S3 trading partner through JSCAPE MFT Server are normally stored in plaintext. If you want to encrypt those files to minimize the risk of a data breach, one way to do that is by using AES-256 Amazon S3 server-side encryption. We'll show you how to use this particular service in this post.Read More
In one of our previous posts, we talked about the importance of authenticating an SFTP host before logging into it and how to use the host's RSA key fingerprint to carry out the authentication. The same principle applies when you import a user's client key for public key authentication.Read More
As promised in our last post, we're going to talk about JSCAPE MFT Server and why it's the perfect choice for an AS2 server.Read More
[Last updated October 3, 2019] In this tutorial, I'll show you how to carry out file transfers between an iPhone or iPad and JSCAPE MFT Server. This capability is ideal for organizations who have adopted some form of BYOD policy and want to establish secure backups and file transfers between iOS mobile devices and a company-owned server.
[Last updated September 25, 2019] To prevent confidential data from leaking out of your organization or getting stolen, your cyber security efforts have to be aimed at two areas: securing data-at-rest and securing data-in-motion. In this post, we’ll talk about the former.
To ensure non-repudiation of AS2 receipts, you need to affix digital signatures to your AS2 Message Disposition Notifications or MDNs. We'll teach you how to do that in this post.Read More