Solutions > Financial Services
Cerberus FTP Server
Secure File Sharing for Financial Services
“After our first year, our CEO said it was the best value software that we’d ever bought because of the load it handled. Every other software we installed had problems.”
PCI DSS Compliance Tools
A complete suite of encryption, access monitoring and auditing tools to ensure your data transfers comply with PCI data security standards.
FIPS 140-2 Data Encryption
Government-certified encryption for cardholder data transmission and other financial file sharing.
Log All Data Processing
Full visibility into all cardholder data access, with configurable alerts and policies.
Fine-Grained System Access Controls
AD & LDAP security group integration, with client certificate validation and granular admin logging.
Data Policy Support
Automatically comply with file retention policies, deletion requirements and more when sharing financial files.
Event-Driven Actions
Set actions, alerts and transfers based on business rules.
Folder Monitor
Automatically set deletion policies.
Complete Protection Against Intrusion
Cerberus FTP Server provides intelligent access security for financial services file sharing.
IP Autobanning
Allow or deny IP addresses based on business rules, active security events, or requesting country.
User & Client Authentication
Verify clients against user credentials with public key and two-factor authentication.
Regulations Governing Secure File Sharing for Financial Services
This section outlines Cerberus FTP Server’s core areas of support for financial services file sharing and data transfer compliance according to U.S. and E.U. regulation and the Payment Card Industry (PCI)’s Security Standards Council requirements.
PCI Data Security Standard (PCI DSS) Compliance
PCI DSS is comprised of 12 high-level industry mandated requirements that apply to any bank, merchant, service provider or vendor that issues payment cards or processes payments via these cards. The standards are global, and required for those who issue or accept cards that use the Visa, Mastercard, American Express, Discover, or JCB networks. This page provides high-level information on specific requirements that apply to card payment-related file transfer.
4. Encrypt transmission of cardholder data across open, public networks
How Cerberus FTP Server Can Help
Cerberus FTP Server provides FIPS 140-2 encryption and support for a variety of secure transfer protocols (SFTP, FTPS, HTTPS, SCP, etc.) to support your environment.
10. Track and monitor all access to network resources and cardholder data
How Cerberus FTP Server Can Help
Our logging feature combined with the Event Manager feature gives an administrator a complete view of all data processing activities with the ability to trigger and save reports based on server events.
8. Identify and authenticate access to system components
How Cerberus FTP Server Can Help
Cerberus FTP Server supports using Active Directory and LDAP security groups for access as well as client certificate validation.
For more information:
The European Data Protection Supervisor (EDPS)
Working under the GDPR’s larger rubric, the EDPS has provided data security guidelines for financial services companies operating in the EU.
Evaluate and Justify an Appropriate Retention Period
The EDPS requires that companies keep personal data for no longer than necessary and encourage strict systematic deletion.
How Cerberus FTP Server Can Help
Cerberus’s Folder Monitor feature allows administrators to create robust file management policies.
Consider Appropriate Data Security Measures
Step 9 of the EDPS guidance states that data security methods should “respect professional secrecy and should prohibit the disclosure of confidential information.”
How Cerberus FTP Server Can Help
- Our logging feature combined with the Event Manager feature gives an administrator a complete view of all data processing activities with the ability to trigger and save reports based on server events
- Cerberus FTP Server also offers Active Directory or LDAP integration to help manage security user groups, and provides advanced reports of all administrator actions
For more information:
United States Regulations for File Transfer in Financial Services
In the United States, a number of governing bodies regulate financial services data transfer:
FTC Safeguards Rule
The FTC enforces the federal requirement for financial services companies to protect “nonpublic personal information” (NPI), which is any personally identifiable financial information that a financial institution collects about an individual in connection with providing a financial product or service. The security of NPI data is governed by what is known as the Safeguard Rule, which requires financial institutions to regularly assess their data security risk and take steps to minimize that risk.
How Cerberus Can Help
Cerberus FTP Server offers a number of tools and features to help data security professionals ensure the security of their transfers. These tools include:
- Detailed file server auditing and reporting with Cerberus FTP Server Enterprise Edition‘s Report Manager
- Fine-tuned file access via Active Directory and LDAP security groups
- Extensive logging to provide audits of every user and file activity.
NACHA Data Security Compliance
NACHA enforces data security for all US-based organizations that process electronic funds transfers through the Automated Clearing House (ACH). NACHA requires that its members utilize a commercially reasonable standard of encryption technology when transmitting any banking information via an unsecured electronic network. NACHA also requires each ACH Operator to provided detailed transactional information regarding file receipt and processing.
How Cerberus FTP Server Can Help
- Encrypted File Transfer: Cerberus FTP Server provides FIPS 140-2 encryption and support for a variety of secure transfer protocols (SFTP, FTPS, HTTPS, etc.)
- File Transfer Integrity and Reporting: Our SFTP feature provides robust data on file and transfer integrity
FFIEC
FFIEC Rule I.C.13(b): Electronic Transmission of Information
This rule requires that any electronic transmission of information by a financial services institution should enact appropriate controls in order to restrict the type of information that can be transmitted and encrypt the information when it does so. The rule specifically suggests, but does not require, SFTP transfer.
How Cerberus FTP Server Can Help
Cerberus FTP Server offers SFTP transfer via SSH2 with robust, customizable encryption methods in order to comply with the FFIEC’s data transfer requirements.
Try Cerberus FTP Server free for 25 days
- Live US-based phone & email support
- Bulletproof reliability
- Built for complete data control
- Trouble-free enterprise deployment
Full Feature List
Protocols
FTP, FTP/S, SFTP, SCP, HTTP/S
Advanced Security
SSH, SSL, FIPS 140-2
MFT Automation
Event, Alert & Sync Tools
Environments
Windows Server, Cloud & Virtual
Access Protection
IP, User & Protocol Restriction Tools
Account Management
AD, LDAP, 2FA, SSO & More
Auditing and Reporting
File Access, User and Admin Logging
Administration Tools
API, Sync Manager, & Other Tools
HTTPS Web Portal
Browser-Based Transfer from Any Device
Monitoring & Testing
Automated Network, Load and Access Testing
Regulatory Compliance
Auditing, Retention, & Encryption Tools
Award-Winning Support
Phone, Email, & 24/7/365
Industry-Focused Solutions
Cerberus FTP Server supports a wide range of industry and professional needs. Enhance data security, streamline operations, and ensure compliance with regulations.
Uncompromising Commitment To Customer Satisfaction
G2
4.8 / 5
Capterra
4.8 / 5
CNET Download
4.8 / 5
Recognized as an industry-leading secure FTP server
Trusted by Companies Like Yours
Uncompromising Customer Satisfaction
Latest News
Does FTP have a future?
We recently reviewed the future of managed file transfer, which got us thinking about one of the oldest file transfer protocols in existence: FTP. Will a protocol originally written in 1971 still have value and utility as the web evolves? Let’s review. How prevalent...
What are the differences between file servers?
It’s easy to confuse secure file transfer servers with file servers. And it’s even easier to use “file server” for a broad category of devices that handle a number of different functions. Our goal in this post is to clarify what file servers are so that you can better...
New Release: Cerberus Version 2024.3
The latest release from Cerberus FTP by Redwood enhances IP address access control. Learn more about these security features and how you can easily manage access to your network. What’s new? IP address validation: Within Cerberus, there are many fields where you can...
Explore what Cerberus FTP Server can do for you
- 25 Day Free Trial
- No Credit Card Required
- Up and running in less than 15 mins