Ensured Data Integrity
To ensure the security of your data in transit across a public network, you need more than an encrypted connection. You need a secure file transfer client that can preserve data integrity. VanDyke Software's SecureFX® protects your data by applying a number of security measures supported by the Secure Shell (SSH2) protocol.
How Data Integrity May Be Compromised
Data integrity means that information sent from one end of a file transfer operation arrives intact at the other. Data integrity may be compromised through a man-in-the-middle attack, a hack that involves an attacker making independent connections with a client and host and relaying messages between them so that users at each end believe they are communicating over a private connection.
Man-in-the-middle hacks may result in insertion and replay attacks that involve data being injected into the data stream to corrupt your data in transit and/or replay a previous command (usually at an inappropriate time).
How Data Integrity May Be Preserved
Data encryption does not protect file transfer operations from man-in-the-middle hacks or insertion or replay attacks. One way to ensure that the data received on one end of a transaction is the same as the data sent from the other end is message authentication.
SecureFX supports secure file transfer using (SSH2) Message Authentication Code (MAC). A Secure Shell MAC is simply a hash of the data (packet payload) that is being transferred. The hash value is associated inseparably with the packet itself. If the client is sending a packet to the server, the client hashes the packet's payload and associates the resulting hash with the packet when it is sent to the server. When the server receives the packet, it hashes the packet's payload as well, and compares its own hash result with the hash result provided by the client. If the hash results don't match, the SSH2 protocol mandates the transport be closed—i.e., the client is disconnected from the server.
Comprehensive Data Security and More
By supporting SSH2 security safeguards—data encryption, message authentication, and host identity verification—SecureFX can do more than ensure the security of your data in transit. SSH2 also compresses data prior to encryption, maximizing the efficiency of a connection. The reduction in file size can be beneficial for large file transfers.
To ensure data integrity, you need a secure file transfer program that employs SSH2-supported MAC. SecureFX provides the comprehensive data security you need. Download SecureFX for a free 30-day evaluation. To get started:
Please contact us for assistance in finding the right solution for your organization.