Security Requirement Questions

Have the feeling that everybody is staring at you in the other forums? Then look here, in this forum nobody does care what you say ;-)

Moderator: Project members

Locked
Message
Author
mamajeed7
500 Command not understood
Posts: 3
Joined: 2020-09-09 21:22
First name: Abdul
Last name: Majeed

Security Requirement Questions

#1 Post by mamajeed7 » 2020-09-09 21:26

I am planning to implement FileZilla, however I have following Security Requirement, can you tell me if these requirements can be met through FileZilla?
• All traffic must be encrypted.
• Data payloads for sensitive files sent out from Client to suppliers must be encrypted at rest as well.
• ITAR and other regulatory requirements must be enforced.
• Logging must be available to track activity.
• Legal requirements/agreements must be in place for any recipient.
• Must require strong authentication for supplier access to the portal.

User avatar
botg
Site Admin
Posts: 35491
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: Security Requirement Questions

#2 Post by botg » 2020-09-10 07:55

Unless a user explicitly selects an insecure protocol, FileZilla asks for confirmation before using an insecure connection.

Files are transferred as-is. FileZilla does not care what is in a file and what happens to it on the destination.

To enforce compliance to pointless and arbitrary regulations, position a lawyer with a whip behind each user.

mamajeed7
500 Command not understood
Posts: 3
Joined: 2020-09-09 21:22
First name: Abdul
Last name: Majeed

Re: Security Requirement Questions

#3 Post by mamajeed7 » 2020-09-18 14:51

Thank you so much for reaching out to me.

Is there a way that I can have someone to walk me though the tool, I have few needs for my company specific.

I may need some enhancements to existing tool in order to meet all the requirements, is it doable?

Can you please redirect me into right direction so that I can work with your Analysts?

mamajeed7
500 Command not understood
Posts: 3
Joined: 2020-09-09 21:22
First name: Abdul
Last name: Majeed

Re: Security Requirement Questions

#4 Post by mamajeed7 » 2020-09-23 14:43

Business Requirement: Implement an FTP automation tool for gathering engineering prints, specifications and CAD files and uploads to a controlled website that can be accessed by Purchasing and external suppliers.
We are looking for a more polished version of our in-house built FTP tools where we can gather and collect the PDF drawings, BOMs, CAD files, Excel, MSWord, video, anything large or that requires security and then send file(s) to external supplier(s).

Locked