The Sarbanes Oxley Act is a US federal law, enacted on 30th July 2002, governing financial reporting and accountability processes within public companies. The legislation was brought into force as a safeguard, following a succession of corporate accounting scandals, involving a number of high profile organisations. These companies purposefully manipulated[..]
Secure File Transfer
Security is of paramount importance in today’s corporate environments, due to the sensitive nature of the information that they hold. Industry standards such as PCI DSS, Sarbanes Oxley and HIPAA dictate an organisation’s responsibility to secure such information and as such, the need for secure file transfer solutions has become[..]
Self-provisioning is the ability for individual end users and partners to set up (or “provision“) their own accounts. Self-provisioning is a common element of most cloud services but remains relatively rare in file transfer applications. A major difference between those environments is that self-provisioning in cloud services usually involves linking[..]
The Single Euro Payments Area (SEPA) is an EU initiative to unify payments within the EU. It is primarily driven by the European Payments Council. (SEPA is not, by itself, a standard.)
Service Level Agreement
A file transfer service level agreement (SLA) establishes exactly what a particular customer should expect from a particular file transfer provider, and how that customer should seek relief for grievances. A file transfer SLA will often contain the following kinds of service expectations: Availability: This expresses how often the file[..]
SFTP File Transfer
SFTP file transfer or the ‘SSH file transfer protocol’ as it is more formally known, is a network communications protocol used for sending data securely over a network. A common misconception associated with SFTP is that it uses FTP run over SSH – this is not the case. SFTP, sometimes[..]
SHA-1 (“Secure Hash Algorithm #1”, also “SHA1”) is the second most common data integrity check standard (a.k.a. “hash”) used throughout the world today. SHA-1 codes are 160-bit numbers and are usually represented in hexadecimal format (e.g., “de9f2c7f d25e1b3a fad3e85a 0bd17d9b 100db4b3”). SHA-1 is the least secure hash algorithm NIST currently[..]
SHA-2 (“Secure Hash Algorithm #2”) is the most secure hash algorithm NIST currently supports in its FIPS validated cryptography implementations. SHA-2 is really a collection of four hashes (SHA-224, SHA-256, SHA-384 and SHA-512), all of which are stronger than SHA-1. Complete SHA-2 implementations in file transfer are still uncommon but[..]
SHA-224 is the 224-bit component of the “SHA-2” data integrity check standard (a.k.a. “hash”). It is not a unique hash algorithm within the SHA-2 standard but is instead a truncated version of SHA-256. See “SHA-2” for more information.
SHA-256 is the 256-bit component of the “SHA-2” data integrity check standard (a.k.a. “hash”). Like SHA-512, it is one of two unique algorithms that make up a SHA-2 hash, but SHA-256 is optimized for 32-bit calculations rather than 64-bit calculations. See “SHA-2” for more information.
SHA-3 refers to the new hash algorithm NIST will choose to someday replace SHA-2. A contest to select the new hash is scheduled to conclude in 2012.
SHA-384 is the 384-bit component of the “SHA-2” data integrity check standard (a.k.a. “hash”). It is not a unique hash algorithm within the SHA-2 standard but is instead a truncated version of SHA-512. See “SHA-2” for more information.
SHA-512 is the 512-bit component of the “SHA-2” data integrity check standard (a.k.a. “hash”). Like SHA-256, it is one of two unique algorithms that make up a SHA-2 hash, but SHA-512 is optimized for 64-bit calculations rather than 32-bit calculations. See “SHA-2” for more information.
SLA is an abbreviation for “Service Level Agreement“, which is a specific contract between a customer and a provider that lays out exactly what each side can expect from the other. The minimum amount of work and minimum level of due care that a file transfer operations team is[..]
SMTP is an email protocol used to push messages and attachments from server to server. Many technologies have been used to secure SMTP over the years, but the best technologies available today use SSL (version 3) or TLS to secure the entire SMTP connection. SMTP typically uses TCP port 25[..]
SSH File Transfer
SSH (Secure Shell) is a network protocol used to establish a secure connection between a client and server. Once a connection has been established, it acts like an encrypted tunnel down which data can be exchanged securely. SSH file transfer is used to maintain the confidentiality and integrity of data[..]
SSL (“Secure Sockets Layer”) was the first widely-deployed technology used to secure TCP sockets. Its use in HTTPS (HTTP over SSL) allowed the modern age of “ecommerce” to take off on the world wide web and it has also been incorporated into common file transfer protocols such as FTPS (FTP[..]
Subject Access Requests (SARs)
Under GDPR, the data subject has the right to request all personal data a data controller has on them. This includes their supply chain.
The Society for Worldwide Interbank Financial Telecommunication (SWIFT) runs a popular system used by banks around the world to quickly exchange transactions with each other. Most international interbank messages use this system. Unlike clearing houses or other institutions that provide intermediate or final settlement of financial transactions, SWIFT is simply[..]