ITAR Compliance with FileCloud
The International Traffic in Arms Regulations (ITAR) is a set of United States regulations that is very strict. This set of regulations controls the organizations which sell, manufacture and distribute military and defense technologies and services.
Storage Requirements for ITAR Compliance
There are several requirements for ITAR compliance when it comes to data storage, whether on-premises or in the cloud. The data should be encrypted at all times to prevent data leaks and piracy. Proper access control mechanisms should be in place and access to files should be managed with granular controls. Proper auditing should be provided to check each user-related and other actions with regards to the system and the files.
FileCloud Supports ITAR compliance
Prevent Data Leaks in Real-Time with DLP Rules
FileCloud has a simple yet flexible method to prevent accidental data leaks from end-users: a rule-driven Data Leak Prevention (DLP) system. DLP rules enable admins to enforce controls over user actions such as downloading, sharing, and logging based on metadata (e.g., IP range, user group, email domain, folder path, document metadata, and user access agents.) FileCloud evaluates DLP rules and file activity in real-time and logs the violations for future reporting and auditing purposes.
FileCloud’s client-based DRM helps limit sharing and restricts screenshots and printing to prevent unauthorized redistribution of confidential or sensitive intellectual property. The file’s sender can instantly revoke any access or restrict any access at any time. The sender also can set maximum access counts. The DRM client relays documents within an encrypted (AES 256-bit) document container. The recipient of the encrypted file needs a key to access the file. The FileCloud verifies the key before letting anyone access the relevant file.
FileCloud also has offers web-based DRM through a secure document viewer, which enables the sender to enable file viewing within a restricted viewing mode. The sender can also set download limits and password protection and rescind the share, even after the file has been sent. This lightweight web-DRM functionality enables powerful security while sharing confidential data directly within the FileCloud UI.
User Access Controls and Self-Hosting
FileCloud can be self-hosted on-premises or as a private cloud (“FileCloud Server“) for an all-in-one EFSS solution or as a hybrid proxy to existing storage infrastructure. This flexibility ensures that enterprises maintain control over their proprietary or confidential data.
Furthermore, RBAC (Role Based Access Control) mechanisms enable admins to delegate relevant user access permissions. Permissions can be restricted based on the user, and folder-level permission granularity can also be achieved with FileCloud.
Encryption and FIPS 140-2
Files in FileCloud are encrypted at rest as well as in transit. Specifically, FileCloud can be run in FIPS mode, which enforces FIPS 140-2 compliant cryptographic libraries for data at rest and in transit. This encryption enables organizations to meet essential ITAR compliance requirements for data security.
FileCloud’s ITAR Compliance Center
FileCloud’s ITAR Compliance Center provides a dedicated dashboard populated with ITAR compliance requirements. These requirements are connected with FileCloud tools and controls that can be enabled. If a rule is toggled on, FileCloud will scan the environment to search for compliance (or compliance violations). It any violations are found, the system flags it and provides information on how to remediate the issue.
Learn more about secure and ITAR-compliant file sharing.