Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
SFTP over Internet strong enough for SOX?
0 views
Skip to first unread message
ken...@hotmail.com
Nov 21, 2006, 5:05:50 AM11/21/06
to
My company offers IPSec VPN and direct connection (ISDN) methods for
partners to securely transfer files between us. All require transfers
to use SSH/SFTP as this is what our file server supports. Some new
partners want to use only SFTP over the Internet without the VPN
overhead or cost of a direct connection.
partners to securely transfer files between us. All require transfers
to use SSH/SFTP as this is what our file server supports. Some new
partners want to use only SFTP over the Internet without the VPN
overhead or cost of a direct connection.
I guess as long as an Internet facing SFTP server is security hardened
and has appropriate perimeter security, and the security of the
transfer matches that offered by the VPN tunnel (encryption algorithm,
key size, shared secret, etc.) then it should be OK.
Can anyone comment on how suitable SFTP is for transferring files that
might contain data where controls must comply with DPA or SOX
requirements?
0 new messages