ITAR Compliance using FileCloud Online

April 21, 2020

FileCloudfor ITAR is cloud-agnostic, meaning you can self-host it on your own IT infrastructure, or choose to utilize our software services. FileCloud for ITAR cloud service is hosted in AWS GovCloudand fully managed by U.S. citizens or permanent residents, maximizing accountability.

ITAR provides a set of government regulations dictating how to prevent the distribution of defense items and services outside the US. ITAR compliance makes it compulsory for companies to monitor and control inbound and outbound network traffic. FileCloud not only provides high security but also provides audit logs to see who accessed the cloud and for what purpose. Build a robust ITAR compliant document management and access control solution with FileCloud.

If a company fails to comply with the ITAR, it can face civil and criminal penalties. FileCloud is an ITAR compliant file sharing solution that provides the necessary tools for security, document management, data leak prevention, content classification, and private file sharing. For security, FileCloud provides end to end encryption, ransomware protection, FIPS 140-2 encryption and much more.

How FileCloud Ensures ITAR Compliant File Sharing?

  1. FIPS 140-2 encryption - FileCloud uses FIPS 140-2 Certified Encryption process to all the files stored in the cloud. This is enabled when a FileCloud Online site goes from Trial to Production from the server-side, no action is needed. FileCloud offers independent and extensive customer control over encryption keys using AWS Key Management in GovCloud.
  2. End to end encryption - FileCloud's encrypted file sharing provides security measures to safeguard the files you store and share within or outside the cloud. FileCloud provides end-to-end encrypted file sharing, auto-scanning of files when uploaded and ransomware protection.
  3. Watermarked Previews - To enable the Watermark for preview shares, please send the “text” you want to show as a watermark to the support team to make this change on the server level.
  4. Secure Private Access -  You can choose to remove public access or shares of the files as an Admin through out Admin  Portal, making sure no unauthorized personnel or software can access the documents. FileCloud offers private-only, time-limited and view-only access for sensitive documents. One can prevent downloads, and configure custom sharing options with FileCloud’sSmart DLP capabilities and document tags.
  5. Robust login security -  FileCloud can enable Two-Factor Authentication for users.The following options are available: Using Email based security code TOTP (Google Authenticator or similar TOTP code generators), Using DUO Security, Using SMS OTP Security Codes, Using SMS OTP Security Codes for specific user agents. The 2FA method can be selected by Policy Group (Settings / Policies) which enables FileCloud to use different methods to different groups of users.
  6. Smart data leak prevention -Data leak prevention (DLP) is a FileCloud feature that enables administrators to closely control the degree to which users can access, edit, download, and transfer their organization’s files and folders. While DLP can be useful for many different kinds of data, it can be especially critical for the secure handling of Personal Identification Information (PII), Personal Health Information (PHI), and Payment Card Information (PCI). DLP also offers greater security to organizations that are required to operate in compliance with HIPAA or GDPR.
  7. Record-Keeping - The ITAR requires that these records be maintained for five years from the expiration of the export license or other approval. In the case of an export license exemption, this would be from the date of the transaction.FileCloud for ITAR offers complete content lifecycle management with flexible retention and archival schedules to meet your ITAR record-keeping requirement
  8. Audit controls -All FileCloud activity is recorded in the Audit Records, these records can be viewed and exported from the Settings / Audit section.
  9. Smart content classification -The Content Classification Engine (CCE) is a rule-driven content classification system that enables the generic labeling of files with metadata. This labeling enables key operations within FileCloud such as contextual file search and Data Leak Prevention.
  10. Remote wipe - In addition to Blocking a Client Device from logging in, the Administrator can also wipe FileCloud folders in the remote device. If the client is connected, the block and remote wipe will occur and the client will automatically exit out.
  11. Enable secure NIST password guidelines - At any time a password is created or updated before the password is accepted, FileCloud Server checks the suggested password against the US NIST Password Guidelines list.
  12. U.S. based infrastructure operated by U.S. citizens in the U.S. - FileCloud has a dedicated team based in the U.S. operated by U.S. Citizens that will take care of your server infrastructure.FileCloud for ITAR is a highly secure file management platform that offers file storage, access, and data governance. Custom-tailored specifically for organizations that deal with ITAR and EAR regulated data, it offers multi-layer data security, governance, and advanced record-keeping capabilities.FileCloud for ITAR is cloud-agnostic, meaning you can self-host it on your own IT infrastructure, or choose to utilize our software services. FileCloud for ITAR cloud service is hosted in AWS GovCloudand fully managed by U.S. citizens or permanent residents, maximizing accountability.

By Team FileCloud