GlobalSCAPE EFT Server Enterprise with High Security Module (HSM) & Auditing & Reporting Module (ARM)
High Security Module
Maintain security at the highest levels. The GlobalSCAPE High Security Module (HSM) achieves or exceeds security practices mandated by the most rigorous standards, including PCI-DSS, FIPS 140-2 Validation, HIPAA, and Sarbanes-Oxley. Whether your business is obligated to comply or you simply desire the utmost in security standards, the HSM is your solution for securing data transfer, access, and storage.
Auditing and Reporting Module
Enhanced File Transfer Server's Auditing and Reporting Module (ARM) captures all of the transactions passing through the EFT Server system and then allows you to query the data and view reports from EFT Server's Administrative console. You can analyze captured data immediately using the preconfigured reports, or custom design your own with the included report designer
CoCo Compliant Software, complete with high security compliance tool
The GCSX Code of Connection (CoCo) is a list of security controls with which ALL local authorities must be compliant before their GCSX circuit can be activated. This applies to local authorities who are taking a direct connection, or who are connecting via an aggregated gateway.
HANDD Solutions are designed with Coco compliance in mind
Secure data in transit and at rest: You can be sure with a Managed File Transfer Solution from HANDD, files and folders are protected with the latest technologies, SSH, SSL, PGP etc. Files are encrypted as they are moved, they can also be held in a secure repository, where they are encrypted to all but the authorized users.
Fully auditable transaction register: Seewho is moving files where and when, see what files are being accessed/moved/copied on your servers. Reporting tools are designed with compliance in mind, and you can easily customize the information you need to access for an even better understanding of what file transfers are being made throughout your organization.
Fully auditable user administration: Who has permission to access files and folders, and crucially, who is granting permission?
Tamper evident encryption: Attempts to circumnavigate encryption are registered and records created.
Solutions built with regulatory compliance and industry standards in mind: HANDD and our vendors understand compliance. We only use vendors who take security and compliance to the limit. Our vendors have designed their products with the intention of surpassing current regulatory requirements.
Data Protection, Privacy and the Law: Citizens often have no choice but to entrust government with sensitive personal details if they wish to access services. Like all public sector organisations handling sensitive or ‘RESTRICTED’ data, local authorities have a duty to comply with recognised standards of Information Security management and use the most secure methods of data transfer available when working with this data. Indeed, the Data Protection Act enshrines in law the need to protect ‘sensitive personal data’; and the Information Commissioner now holds powers to carry out spot checks and impose fines on public sector organisations in breach of this Act. GCSX can help local authorities comply with these legal requirements.
Government Policy and the LGA Guidelines: The Cabinet Office has defined a set of data handling guidelines for central government that clarify and reinforce the Data Protection Act for government controlled data. The Local Government Association has published equivalent guidelines for local government. GCSX’ CoCo helps local authorities to implement these LGA Guidelines.
Shared Services: A recent Gartner study shows that GCSX has a clear role to play in connecting the wider public sector and enabling more ambitious shared service initiatives across local government. In some scenarios it may be more cost effective to use GCSX connectivity instead of procuring additional network capability, to share services and information between partner local authorities.
Sharing and Service Transformation: Many opportunities to enhance service delivery depend on data sharing between central and local government departments and locally between public sector organisations. Better use of the data collected by government will enable better, more efficient and more citizen centric services. Sharing data securely requires accredited secure communications channels. But such channels can only be opened when relationships of trust have been established. The minimum requirements for such trust are built into the GCSX Code of Connection.
Trust and Joint Working: There is an increasing realisation that the most significant opportunities for service improvement and cost effectiveness come from improving cross organisational working. Such initiatives need trusted communications channels in order to achieve their potential. There is a rapidly growing list of real opportunities that are wholly dependent on the use of GCSX. Now that trusted and secure channels of communication are established across government, a major barrier to joint working has been removed.
National Indicators: The majority of the current National Indicators require multi-agency working in order to deliver better performance, better use of resources and improved customer outcomes. By using GCSX, local government is now able to share sensitive information securely, reliably and efficiently with key delivery partners and improve performance.
Strategic Alignment across the Public Sector: Government strategy is to procure a ‘Public Sector Network (PSN) to replace the GSi in February 2012. The PSN will enable more seamless connectivity throughout government and the wider public sector. Being connected to GCSX will not only provide local authorities with the benefits outlined above, but will ensure that these frontline organisations are consolidated and supported through the next generation government network.
