Page 11 - Cyber Defense Magazine - Global Print Edition 2018
P. 11
let a data breach happen to you. version of TLS organizations sensitive files are stored in.
Take the time to find an encryption should use to remain compliant. If Some secure file transfer solutions
technology that works in your you follow PCI DSS requirements, automate this process by
environment and protects your file as of June 2018 you should encrypting the data as it’s written
servers from vulnerabilities. use TLS 1.1 or higher for your to files within a designated folder.
encryption needs. (TLS 1.2 is
To get you started, here are four strongly encouraged.) Files can be decrypted whenever
modern encryption technologies we they’re accessed by an authorized
recommend using: user, so the user doesn’t have to
3. SSH provide a special password or key.
1. OpenPGP Secure Shell (SSH) is a Helpful Tip: Are you FISMA
cryptographic network protocol compliant? The Federal
OpenPGP is an encryption that encrypts file transfers over Information System
protocol that uses key pairs (a industry standard file transfer Modernization Act of 2014 calls
public and private key) to secure protocols like SFTP and SCP. upon the National Institute of
your files. If you need to use For organizations who need Standards and Technology as
public and private keys in your a bit more flexibility in their its security and risk approached
organization to give your data a authentication methods, SSH framework to ensure proper file
high level of protection, this may uses a combination of asymmetric and systems protection. AES is
be the protocol you want to use. and symmetric cryptology to the de facto standard and widely
OpenPGP also allows you to verify provide strong protection. Files accepted encryption method.
the authenticity of received data that are transferred using SSH No matter which encryption
by requiring files to be signed can be set up to authenticate option you choose for your
with the digital signature of the using passwords, SSH keys, or a organization, always ensure
message creator. combination of both. your data is protected in transit
Helpful Tip: Some secure file and at rest. With the amount
2. TLS transfer solutions support of personal information shared
SSH with an integrated Key and stored online, data breaches
Transport Layer Security (TLS) are becoming more and more
is a cryptographic encryption Management System (KMS). This common. Don’t let one happen
protocol that allows users to KMS can be used to create and to you!
encrypt their file transfers over maintain SSH keys, OpenPGP
industry standard protocols like keys, and SSL certificates that
AS2, FTPS, and HTTPS (to secure are then associated with a TLS
web browser connections). TLS client connection. It is highly About the Author
uses x.509 certificates to allow recommended that you use a
TLS-enabled servers and clients solution that offers this benefit, Dan Freeman is
a Senior Solutions
to securely connect to and as it reduces the need to create Consultant at
authenticate each other. manual keys and certificates in HelpSystems for
your organization, thus promoting the GoAnywhere
Since these certificates contain centralized management. Managed File
information about the entity they Transfer product
line. Dan has spent
represent, TLS provides a high the last 10 years
level of protection by requiring 4. AES of his career in
specific certificate details (e.g. The Advanced Encryption various security
roles ranging from
the entity that signed the Standard (AES) is a symmetric systems engineer to security officer. As a CISSP,
certificate, the expiration date, form of encryption cipher that Dan has designed networks, systems, and
the certificate’s public key, and organizations can use to protect procedures to ensure regulatory compliance
using the NIST risk management framework
the entity’s digital signature). their files when stored in transit and HIPAA standards. Dan can be reached online
Helpful Tip: The Payment Card or at rest. AES-256 encryption is at [email protected] and at our
company website: www.helpsystems.com
Industry Security Standards often employed to secure data
Council recently increased the at rest by encrypting the folders
CYBER DEFENSE MAGAZINE – ANNUAL GLOBAL PRINT EDITION 2018 – SPONSORED BY TREND MICRO 11
