Strong Cloud & Application Security
Multilevel security measures mitigate security breaches and protect file transfers from potential threats.
Secure File Transfers at Every Level
How are Thru’s managed file transfer (MFT) solution and the data centers its running in secured?
Adoption of the defense-in-depth (DiD) security model ensures multiple layers of protection for data center infrastructure, application, files and data. Its purpose is to completely stop attacks, but it can also prevent attackers who have broken through one layer of an enterprise network from getting further in.
Are virus scanning and file decontamination supported?
Real-time antivirus scanning of all files transferred through our secure file transfer solution secures your company’s data and infrastructure from viruses and malware. Infected files are automatically quarantined to eliminate security threats.
Are high availability (HA) and disaster recovery (DR) available?
Thru file transfer software runs in Azure data centers that have high availability and disaster recovery in each region. This includes high availability on all critical systems and redundant copies in three zones within a region.
How is data isolated between customers? Can data be segregated between different environments?
Thru software supports traffic isolation between customers and on the flow level. Different instances can be used for geographic regions, business units or other groups. Traffic in one instance has no impact on traffic in another instance.
Validate Identity with Advanced Authentication
Learn More about Authentication
- What is multi-factor authentication?
- What is SAML 2.0?
How MFT integration uses authenticated APIs
What authentication methods are supported by Thru?
Several options are available to increase layers of authentication for systems and users:
User Application Authentication
Password authentication is required to access Thru’s MFT solution. Increase security by implementing multi-factor authentication with text (SMS) or simplify login with single sign-on via SAML 2.0.
System Endpoint Authentication
Thru’s MFT solution supports password and public key infrastructure (PKI) authentication for SFTP and FTPS endpoints. The Thru Node (our managed file transfer agent) uses HTTPS to securely transfer files while using an API secret key strengthens authentication with Thru.
Certificate and Key Management
- SSL certificates for encryption of internet traffic connecting to Thru data centers
- SSH keys for use as access credentials
- PGP keys by import and management of each organization
Notifications for certificate renewals are available for PGP keys and SSH keys.
Role-Based Access Control (RBAC)
Control Access to Specific Data
What types of access management are in place?
Our secure file transfer solution provides an additional safeguard by enabling organizations to granularly regulate and manage access permissions.
Role-Based Access Control (RBAC)
For automated secure file transfers, role-based security controls access to operations, workflows and data under the principle of least privilege (POLP).
User Access Levels
For user-centric file sharing, permissions are available per individual users or per user groups. Built-in security groups control access to application features.
All users are managed by enterprise administrators. Partner self-service administration is also available, allowing management capabilities to administrators of partner organization for only its members and admins.
Thru Application Supports Secure File Transfers
Web Portal Security
Protection against OWASP Top 10 web application security risks. Portals are scanned for security vulnerabilities on a regular basis.
Public API Protection
Secured by security tokens.
Security Testing & Assessment
- Weekly automated vulnerability assessments of Thru platform
- Periodic penetration testing by third-party security vendors
- Static application security testing is performed in all phases of Thru software development life cycle (SDLC) with triage and remediation
- Automated cloud security tools perform dynamic application security testing during both testing and release SDLC phases
Secure File Transfers in Thru Cloud
Domain access control by Active Directory in each deployed geography
Whitelisting and connection management of Thru’s server endpoints protect against security scanning and distributed denial-of-service (DDoS) attacks
Dedicated VPN tunnels with multi-factor authentication for access into production systems by operations personnel
Intrusion protection / detection software
Multiple zones deployed for access controls and traffic logging
High availability for all network components
Weekly automated scanning of Thru’s cloud infrastructure in all service geographies
Global infrastructure and security events monitored 24/7 with security information and event management (SIEM) software
Secure File Transfer Overview
Thru adopts rigorous security measures to protect sensitive file transfers and help maintain compliance.