by Tim Young | Oct 17, 2024 | Regulatory Compliance
In our last post, we outlined the most common regulations and requirements that affect file server data security. This follow-up post will address the common steps you’ll need to take to ensure compliance. For this post, we are focusing on internal system and...
by Tim Young | Oct 17, 2024 | Regulatory Compliance
Even though Cerberus by Redwood focuses on secure file transfer, data security and compliance requirements extend far beyond our solutions. Since our application is frequently integrated with an organization’s file server, this two-part guide will examine how to keep...
by Tim Young | Jul 15, 2024 | Regulatory Compliance
If you operate in the financial services industry, your data security practices are governed by the Gramm-Leach-Bliley Act’s Safeguards Rule, as enforced by the Federal Trade Commission. This rule is far-reaching and detailed, so we have prepared the following...
by Tim Young | Jun 7, 2024 | Regulatory Compliance
Between October 2009 and December 2023, the Department of Health and Human Services (HHS) posted almost 6,000 large-scale data breaches of healthcare organizations to its Office for Civil Rights’ (OCR) “Wall of Shame,” and this staggering number doesn’t even include...
by Tim Young | Apr 18, 2024 | FIPS, Regulatory Compliance
Background: What is FIPS compliance? FIPS compliance refers to the implementation of specific data security practices outlined under the National Institute of Standards and Technology (NIST)’s Federal Information Processing Standards (FIPS). These standards...
by Patrick Mills | May 31, 2024 | FTP Server Security, Regulatory Compliance, SFTP Background
Note: Cerberus FTP Server 2024.2 includes an enhancement to these configuration settings, detailed in this post. In Cerberus FTP Server 2024.1, we have added Two-Factor Authentication (2FA) support for SFTP and SCP. We support both time-based one-time password (TOTP)...
by Tim Young | Nov 17, 2023 | Regulatory Compliance
The International Organization for Standardization (ISO) 27001 standard defines requirements that an organization’s information security management system must meet for the organization to receive third-party certification for its information security practices. ...
by Tim Young | Nov 17, 2023 | Regulatory Compliance
If your organization handles data from or for the U.S. federal government, your responsibilities to protect that data don’t end with FIPS 140-2 compliance. Organizations that handle, process, receive or transmit a relatively new classification of sensitive data,...
by Tim Young | Nov 17, 2023 | Regulatory Compliance
The U.S. Department of Defense (DoD) is in the midst of an ambitious effort to improve the security of any information system that processes, transmits or stores sensitive data. Known as the Cybersecurity Maturity Model Certification (CMMC), this effort will become a...
by Paul Harada | Feb 22, 2024 | FTP Server Security, News, Regulatory Compliance, Reporting, Web Client
One Time Password (OTP) secured public file sharing is now available in Cerberus FTP Server 13.2. With this release, users have the ability to restrict and track access of public file shares from the web-client with a new security option that restricts access to the...
by Tim Young | Jan 25, 2024 | Regulatory Compliance
The U.S. federal government’s transition to the FIPS 140-3 cryptography standard has begun, with NIST announcing that all FIPS 140-2 certificates will be retired in September 2026. Cerberus FTP Server versions 12.11 and higher have moved to OpenSSL 3, which will...
by Patrick Mills | Mar 22, 2024 | FTP Server Security, News, Regulatory Compliance
Starting in version 12.11, Cerberus FTP Server will use OpenSSL 3, which provides the following benefits: extends FIPS 140-2 validation until September 2026; adds TLS 1.3 protocol support; adds additional key exchange, cipher, and MAC algorithms. Breaking Changes: If you...
by Paul Harada | Sep 3, 2021 | FTP Logs, FTP Server Administration, News, Regulatory Compliance
Enterprise users of Cerberus FTP Server have frequently requested an integrated way to clean their reporting database. A new feature for 12.2 allows administrators to remove old audit & file records. Accessible from the database configuration page, administrators...
by Dana Anderson | Jun 8, 2021 | Informational, Regulatory Compliance
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) addresses the minimum standards that health care organizations must implement to protect the security, privacy, and confidentiality of patient data that is transferred over the Internet. You can...
by Dana Anderson | Jan 8, 2020 | FTP Server Security, Informational, Regulatory Compliance
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) addresses the minimum standards that health care organizations must implement to protect the security, privacy, and confidentiality of patient data that is transferred over the Internet. Section...
by Dana Anderson | Nov 27, 2019 | FTP Basics, FTP Server Security, Regulatory Compliance
One of our most-visited help articles is “How can I make Cerberus FTP Server secure?” In that article, we mention FIPS 140-2, but we still get quite a few emails from customers asking whether they should be using FIPS 140-2 mode in Cerberus. So let’s dig into...
by Tim Young | Mar 1, 2022 | Regulatory Compliance
At Cerberus, we often receive questions related to HIPAA compliance and HIPAA-compliant file transfer. In this post, we address a number of those questions so you can feel comfortable when working with patient data. How Does HIPAA Govern Health Care Data Transfer? The...