In the course of regular operations, many staff and faculty will have a need to send or receive files that contain sensitive information. To help facilitate this, Santa Clara University offers three complementary solutions: SecureFT, SafeDoc, and MOVEit Automation. SecureFT is intended to be used for person-to-person ad-hoc file transfers. SafeDoc is intended to be used when a form is needed for users to submit documents as part of a business process. MOVEit Automation is intended to be used when there is a business need that requires files to be transmitted on a recurring basis from system-to-system (this service needs to be requested through the Technology Help Desk).
SecureFT is a service offered by Santa Clara Univeristy to current Staff and Faculty to facilitate secure at-rest and in-transit sharing and transferring of files and data. Sending and receiving messages through SecureFT operates as a secure email system wherein all secure messages are referred to as "packages." When a new package is sent, the recipient will recieve an email notifying them that a new package is available and will include only the subject of the message. Upon logging into SecureFT, the recipient will then be able to access the body of the message and any attachments. The recipient will also have the ability to reply to the package and attach files to the reply.
For more information on sending or recieving files through SecureFT, please refer to the following pages:
- Learn how to send files securely
- Learn how to request files securely
- Learn how to create a form for submitting files securely
All of the data moving through SecureFT is encrypted both in-transit and at-rest. For the in-transit encryption, SecureFT supports the following secure protocols:
- HTTPS (TLS1.2)
- SFTP (Disabled by default but can be requested for specific use cases)
When storing data on the file system, SecureFT stores all files on disk using FIPS 140-2 validated 256-bit AES, the US federal standard for encryption. The encryption engine upon which SecureFT relies is only the tenth product to have been vetted, validated and certified by the United States and Canadian governments for cryptographic fitness under the rigorous FIPS 140-2 guidelines.
SecureFT also overwrites just-deleted files with random bytes to prevent even encrypted files from lingering on a physical disk after users thought them to have been destroyed.
Because transfers are logged in a tamper-evident database, SecureFT complies with PCI, HIPAA, CCPA, GDPR, SOC 2 type 2, ISO 27001, SOX, BASEL I/II/III, FIPS, FISMA, GLBA, FFIEC, ITAR, and other data privacy regulations. It provides pre-defined and customizable reports and logging of all data interactions, including files, events, people, policies, and processes.
SecureFT leverages a product called MOVEit Transfer. Additional documentation can be found in the MOVEit Transfer user guide.