Strong Cloud & Application Security

Multilevel security measures mitigate security breaches and protect file transfers from potential threats.

 

Secure File Transfers at Every Level

How are Thru’s managed file transfer (MFT) solution and the data centers its running in secured?

Adoption of the defense-in-depth (DiD) security model ensures multiple layers of protection for data center infrastructure, application, files and data. Its purpose is to completely stop attacks, but it can also prevent attackers who have broken through one layer of an enterprise network from getting further in.

Are virus scanning and file decontamination supported?

Real-time antivirus scanning of all files transferred through our secure file transfer solution secures your company’s data and infrastructure from viruses and malware. Infected files are automatically quarantined to eliminate security threats.

Are high availability (HA) and disaster recovery (DR) available?

Thru file transfer software runs in Azure data centers that have high availability and disaster recovery in each region. This includes high availability on all critical systems and redundant copies in three zones within a region.

How is data isolated between customers? Can data be segregated between different environments?

Thru software supports traffic isolation between customers and on the flow level. Different instances can be used for geographic regions, business units or other groups. Traffic in one instance has no impact on traffic in another instance.

multiple layers of protection for data center infrastructure, application, files and data

Identity Management

Validate Identity with Advanced Authentication

What authentication methods are supported by Thru?

Several options are available to increase layers of authentication for systems and users:

User Application Authentication

Password authentication is required to access Thru’s MFT solution. Increase security by implementing multi-factor authentication with text (SMS) or simplify login with single sign-on via SAML 2.0.

System Endpoint Authentication

Thru’s MFT solution supports password and public key infrastructure (PKI) authentication for SFTP and FTPS endpoints. The Thru Node (our managed file transfer agent) uses HTTPS to securely transfer files while using an API secret key strengthens authentication with Thru.

Certificate and Key Management

  • SSL certificates for encryption of internet traffic connecting to Thru data centers
  • SSH keys for use as access credentials
  • PGP keys by import and management of each organization

Notifications for certificate renewals are available for PGP keys and SSH keys.

Role-Based Access Control (RBAC)

Control Access to Specific Data

What types of access management are in place?

Our secure file transfer solution provides an additional safeguard by enabling organizations to granularly regulate and manage access permissions.

Role-Based Access Control (RBAC)

For automated secure file transfers, role-based security controls access to operations, workflows and data under the principle of least privilege (POLP).

User Access Levels

For user-centric file sharing, permissions are available per individual users or per user groups. Built-in security groups control access to application features.

Self-Service Administration

All users are managed by enterprise administrators. Partner self-service administration is also available, allowing management capabilities to administrators of partner organization for only its members and admins.

Thru Application Supports Secure File Transfers

Thru secure file transfer application cloud surveillance

Web Portal Security

Protection against OWASP Top 10 web application security risks. Portals are scanned for security vulnerabilities on a regular basis.

Public API Protection

Secured by security tokens.

Security Testing & Assessment

  • Weekly automated vulnerability assessments of Thru platform
  • Periodic penetration testing by third-party security vendors
  • Static application security testing is performed in all phases of Thru software development life cycle (SDLC) with triage and remediation
  • Automated cloud security tools perform dynamic application security testing during both testing and release SDLC phases

Secure File Transfers in Thru Cloud

Network Protection

Domain access control by Active Directory in each deployed geography

Whitelisting and connection management of Thru’s server endpoints protect against security scanning and denial of service attacks

Dedicated VPN tunnels with multi-factor authentication for access into production systems by operations personnel

Intrusion protection / detection software

Multiple zones deployed for access controls and traffic logging

High availability for all network components

Infrastructure Scanning

Weekly automated scanning of Thru’s cloud infrastructure in all service geographies

System Monitoring

Global infrastructure and security events monitored 24/7 with security information and event management (SIEM) software

Secure File Transfer Overview

Thru adopts rigorous security measures to protect sensitive file transfers and help maintain compliance.

 

Need to know more about securing file transfers?

Get answers, not a sales pitch. Since 2002, we have analyzed, discussed and solved secure file transfer challenges.

 

Scroll to Top