by Tim Young | Apr 18, 2024 | FIPS, Regulatory Compliance
Background: What is FIPS compliance? FIPS compliance refers to the implementation of specific data security practices outlined under the National Institute of Standards and Technology (NIST)’s Federal Information Processing Standards (FIPS). These standards... by Patrick Mills | Mar 7, 2024 | FTP Server Security, Regulatory Compliance, SFTP Background
In Cerberus FTP Server 2024.1, we have added Two-Factor Authentication (2FA) support for SFTP and SCP. We support both time-based one-time password (TOTP) and Duo two-factor. The small print. Since you cannot enroll in 2FA from an SFTP client, users have to either set... by Tim Young | Nov 17, 2023 | Regulatory Compliance
The International Organization for Standardization (ISO) 27001 standard defines requirements that an organization’s information security management system must meet for the organization to receive third-party certification for its information security practices. ... by Tim Young | Nov 17, 2023 | Regulatory Compliance
If your organization handles data from or for the U.S. federal government, your responsibilities to protect that data don’t end with FIPS 140-2 compliance. Organizations that handle, process, receive or transmit a relatively new classification of sensitive data,... by Tim Young | Nov 17, 2023 | Regulatory Compliance
The U.S. Department of Defense (DoD) is in the midst of an ambitious effort to improve the security of any information system that processes, transmits or stores sensitive data. Known as the Cybersecurity Maturity Model Certification (CMMC), this effort will become a... by Paul Harada | Feb 22, 2024 | FTP Server Security, News, Regulatory Compliance, Reporting, Web Client
One Time Password (OTP) secured public file sharing is now available in Cerberus FTP Server 13.2. With this release, users have the ability to restrict and track access of public file shares from the web-client with a new security option that restricts access to the... by Tim Young | Jan 25, 2024 | Regulatory Compliance
The U.S. federal government’s transition to the FIPS 140-3 cryptography standard has begun, with NIST announcing that all FIPS 140-2 certificates will be retired in September 2026. Cerberus FTP Server versions 12.11 and higher have moved to OpenSSL 3, which will... by Patrick Mills | Mar 22, 2024 | FTP Server Security, News, Regulatory Compliance
Starting in version 12.11, Cerberus FTP Server will use OpenSSL 3 which provides the following benefits: Extends FIPS 140-2 validation until September 2026 Adds TLS 1.3 protocol support Adds additional key exchange, cipher, and mac algorithms Breaking Changes If you... by Paul Harada | Sep 3, 2021 | FTP Logs, FTP Server Administration, News, Regulatory Compliance
Enterprise users of Cerberus FTP Server have frequently requested an integrated way to clean their reporting database. A new feature for 12.2 allows administrators to remove old audit & file records. Accessible from the database configuration page, administrators... by Dana Anderson | Jun 8, 2021 | Informational, Regulatory Compliance
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) addresses the minimum standards that health care organizations must implement to protect the security, privacy, and confidentiality of patient data that is transferred over the Internet. You can... by Dana Anderson | Jan 8, 2020 | FTP Server Security, Informational, Regulatory Compliance
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) addresses the minimum standards that health care organizations must implement to protect the security, privacy, and confidentiality of patient data that is transferred over the Internet. Section... by Dana Anderson | Nov 27, 2019 | FTP Basics, FTP Server Security, Regulatory Compliance
One of our most-visited help articles is “How can I make Cerberus FTP Server secure?” In that article, we mention FIPS 140-2, but we still get quite a few emails from customers asking whether they should be using FIPS 140-2 mode in Cerberus. So let’s dig into... by Tim Young | Mar 1, 2022 | Regulatory Compliance
At Cerberus, we often receive questions related to HIPAA compliance and HIPAA-compliant file transfer. In this post, we address a number of those questions so you can feel comfortable when working with patient data. How Does HIPAA Govern Health Care Data Transfer? The...