Data integrity checks are vital to secure communications. They enable communicating parties to verify the integrity and authenticity of the messages they receive. In secure file transfer protocols like FTPS, SFTP, and HTTPS, data integrity/message authentication is usually achieved through a mechanism known as HMAC. In this post, we explain what HMAC is, its basic inner workings, and how it secures data transfers.
Read MoreTopics: Security, Secure File Transfer, SFTP, FTPS
When I first read about HSTS, my first reaction was, "What's this? A replacement for HTTPS? Considering the ubiquity of HTTPS, shouldn't we be working to improve it first instead of replacing it?" Turned out, my initial understanding of HTTP Strict Transport Security was off the mark.
Read MoreTopics: Security, Compliance, Secure File Transfer
How do you strengthen a server's user authentication system? Well, one solution would be to simply add another authentication method. Most servers authenticate users through the usual username-password technique. If you can augment that with another method, you'll be able to make it more difficult for unauthorized users to break in. For servers whose users connect through Web browsers, one option would be something called client certificate authentication. Let's explore what this is.
Read MoreTopics: Security, Secure File Transfer, FTPS
[Last updated: January 2021] People who use SSL/TLS to secure their online transactions/file transfers are mostly only familiar with two of its security functions: 1. That it can encrypt data in transit and 2. That it can enable clients to authenticate the server. They're likely not making use of another feature that can greatly enhance SSL security even more - client certificate authentication.
We already talked about client certificate authentication and its benefits on a previous post, so if you want to learn more about it, I suggest you click that link. In that post, we never got to talk about how to enable client certificate authentication on the server side. This quick post will be all about that.
Read More
Topics: JSCAPE MFT Server, Managed File Transfer, Security, Tutorials, Secure File Transfer, FTPS
[Last updated: December 2020] Malicious insiders and careless insiders are increasingly posing serious risks to file transfer systems. If nothing is done to mitigate them, these internal threats can cause data loss or, worse, massive penalty-inducing data breaches. In this post, we take a closer look at internal threats, how they put file transfer systems at risk, and what you can do to mitigate them.
Topics: JSCAPE MFT Server, Business Process Automation, Security, Secure File Transfer, FTP
Businesses that deal with large files such as high-definition videos, 3D CAD models, and so on, sometimes need to transfer these files to another department or to a trading partner located in another state, country, or continent. In situations like this, it pays to know how to securely transfer large files over the Internet.
Read MoreTopics: JSCAPE MFT Server, Managed File Transfer, Security, Secure File Transfer
Files you upload to an Amazon S3 trading partner through JSCAPE MFT Server are normally stored in plaintext. If you want to encrypt those files to minimize the risk of a data breach, one way to do that is by using AES-256 Amazon S3 server-side encryption. We'll show you how to use this particular service in this post.
Read MoreTopics: JSCAPE MFT Server, Managed File Transfer, Business Process Automation, Security, Cloud Computing, Tutorials, Secure File Transfer
In one of our previous posts, we talked about the importance of authenticating an SFTP host before logging into it and how to use the host's RSA key fingerprint to carry out the authentication. The same principle applies when you import a user's client key for public key authentication.
Read MoreTopics: JSCAPE MFT Server, Managed File Transfer, Security, Secure File Transfer, SFTP
Three common protocols still used in file transfer today are FTP, FTPS and SFTP. While the acronyms for these protocols are similar, there are some key differences among them, in particular how data is exchanged, the level of security provided and firewall considerations. Learning these key differences can help you when choosing a secure file transfer protocol or troubleshooting common connection issues.
Topics: Managed File Transfer, Security
To prevent confidential data from leaking out of your organization or getting stolen, your cyber security efforts have to be aimed at two areas: securing data-at-rest and securing data-in-transit (sometimes referred to as data-in-use). Data-in-transit is often secured by protocols that use an Advanced Encryption Standard (AES) and require encryption keys. But what about data-at-rest protection?
Topics: JSCAPE MFT Server, Security, Data Loss Prevention, Compliance