Re: ftp site?

From: "Jay Vance" <jayvance@xxxxxxxxx>
Date: 27 Oct 2006 15:01:46 -0700

Gisele, just FYI, the only way you can really secure files when sending
them by FTP is to apply encryption to the files themselves. I've seen
a lot of FTP hosts that advertise HIPAA compliance, but what they use
is SSL encryption, which only protects the files in transit. There's
nothing to protect the files while they're on the server. I know
Mike's MEP program encrypts files before they are uploaded and the
recipient opens them with a password. My HippoFTP software encrypts
and decrypts files transparently, no manual encrypting or decrypting is
necessary. Using something like these programs enables you to use any
FTP site, because even if someone could hack the server or if the
administrator tried to open the files, they wouldn't be able to because
of the encryption. Bottom line is there's really no such thing as a
secure, HIPAA compliant FTP server per se.

Jay

Gisele wrote:

I need a secure ftp site to send work for a client to pick up. I
thought I could have one on the server I use for my dictation system,
but my computer support advises against that. Can anyone recommend a
site that is secure and HIPAA compliant?

Gisele

--
Gisele

References:
- ftp site?
  - From: Gisele

Prev by Date: Re: My Evil MIL
Next by Date: OT: Rush and Michael
Previous by thread: Re: ftp site?
Next by thread: Re: ftp site?
Index(es):
- Date
- Thread

Relevant Pages

Re: Hardcoding RijndaelManaged Keys
... > Hardcoding keys into your application is not a very secure solution at ... otherwise there is no possible way for the server to decrypt the client's ... > Signatures and encryption solve two different problems. ... hardcoding your key into a client application. ...
(microsoft.public.dotnet.security)
Re: firewalls that can ssl ftp?
... Secure Transfers ... Bruce Schneier's Blowfish encryption for data transfers. ... Secure SSL based Web Administration Portal ... Works with other FTP Clients/Servers ...
(Security-Basics)
Re: RSA implementation, please comment.
... SYNOPSIS: Is Crypt::RSA secure acceptable in open source if the ... The client asked me to devise "a secure way to save credit card ... I don't know if I can talk you out of keeping the card numbers on the same server but I'm going to try. ... If you must store the data on the same web server, then you are better off generating an encryption key from a good quality random number generator and using a two way algorithm like RC4. ...
(comp.lang.perl.misc)
Re: Encryption Question
... encryption, but then the problem is, how do I decrypt it on the server ... get your public key as a javascript string and send to client, ... holding back the private on the server. ... javascript based method to work in a truly secure fashion, ...
(comp.lang.javascript)
RE: PGP email encryption
... There IS a web client to PGP, and one way to use "email encryption" in PGP ... is to have the PGP server catch the ... > someone receives a notification that a secure email message has been sent ...
(Security-Basics)