January 10, 2018

    Secure File Sharing Essentials for Military Contractors

    Keeping data and information secure as a military contractor is vital. Not only is it key for maintaining your reputation as a trustworthy military contractor, it’s also mandated by ITAR (International Traffic in Arms Regulations). These U.S. government regulations control the import and export of defense related data pertaining to items on the USML (United States Munitions List). The chief aim of ITAR is to ensure that sensitive data is shared only with authorized U.S. citizens and doesn’t fall into the hands of foreign countries or persons.

    What happens if you fail to comply with ITAR mandates? As a government contractor, the consequences of non-compliance carry a heavier weight than noncompliance in other industries. If you don’t meet ITAR standards, you could be barred from future import and exports, effectively killing your business. Additionally, you could face civil fines up to $500,000 per violation and criminal fines up to $1,000,000 per violation. And finally, you could even face up to 10 years of imprisonment per violation. Those are major risks you don’t want (and probably can’t afford) to take.

    To ensure you don’t face these consequences, you need to take every precaution to maintain ITAR compliance. And, since you may be sharing data files with other military contractors (or subcontractors), your file sharing solution is the first step. Though many file sharing solutions provide secure sharing, few are ITAR compliant. This article will explain some of the key features you should look for in a file sharing solution for military contractors.

    Restrict Country Access

    One of the chief aims of ITAR regulations is to ensure secure files are only accessed by U.S. citizens and don’t fall into the hands of foreign persons or nations. When you’re selecting a file sharing solution for military contractors, it’s crucial that the one you choose allows you to restrict logical access by country.

    Look for a top FTP solution, like Sharetru, that uses a professional Geo-IP database that tracks 99.9999% of all IP addresses in use worldwide. This feature gives you unparalleled control over front-line access by country. Additionally, look for a solution that relies on managed, advanced hacker detection and prevention to keep unauthorized parties at bay. These hacker prevention measures also prevent brute force attacks before hackers even encounter a login prompt. That’s a level of data security you can’t afford to pass up.

    IP Address Restrictions

    Beyond country restrictions, military contractors need the ability to restrict site access even further. When you choose a top file sharing solution for military contractors, you will not only have the capability to restrict access to within the U.S., but you will also be able to restrict each user to a specific IP address or IP range.

    This provides contractors with a powerful security layer that allows your site administrators to create and set user-level access rules restricting user connections by remote IP address and/or protocol. This means that even if a user’s password is compromised, it can’t be used from an unauthorized location.

    Some example restrictions include:

    • "john.smith" can connect from " -", but only on "SFTP"
    • "bob" can only connect from "" on "Any protocol"

    IP address restriction also meets the requirements for two-factor authentication, granting access based on both password and IP address. For military contractors, it’s gives you even greater control over who accesses your data and from what location.

    End-to-End Encryption

    Data needs to be secure at every point, both when it’s at rest on your server and when it’s in transit to another party. So, military contractors need a file sharing solution that provides strong end-to-end encryption. With end-to-end encryption, at-rest encryption protects all files while on your file sharing server and in-transit encryption protects files that are sent to both your peers and your clients. You can rest easy knowing that files are protected at every touch point.

    The U.S. government outlines its cryptographic computer security standard in the Federal Information Processing Standard (FIPS) Publication 140-2. Top FTP solutions have encryption measures that will keep you FIPS 140-2 compliant for data that is in transit and at rest. To ensure you’re aligning with security standards that apply to your company, end-to-end encryption is a must have feature for any military contractor. And, it’s a must have feature for staying ITAR compliant.

    Dedicated Firewalls

    Firewalls control and track IP traffic between networks, making this security measure imperative in file sharing solutions for military contractors. If you want to maintain ITAR compliance and protect sensitive data from foreign entities, you need dedicated firewalls to control access.

    To align with the ITAR mandate that military contractors -- “detect exfiltration of data using firewalls,” -- verify that the file sharing solution you’re adopting provides a firewall that offers internal and external protection for your virtual machines (VMs). Also, ensure that the solution you choose has active-active failover configuration.

    When you trust a managed file sharing solution, they’ll likely have other clients in addition to your company. Discuss the protections of their Virtual Private Data Center (VPDC) to ensure your data is completely isolated from other customers using their files sharing solution.

    ITAR compliance is an important topic that must be taken seriously by government contractors. Not only does noncompliance have repercussions for you and your business, it could have repercussions for the country, as well. Make sure when you choose file sharing solutions for military contractors, you adopt one that makes ITAR compliance simple. With built-in features like country and IP address restriction, end-to-end encryption, and dedicated firewalls, you’re able to maintain compliance without expending additional time or energy on your efforts.

    Sharetru offers all these essential features (and more), making it an ideal option for military contractors. While other file sharing solutions may hit some of the marks, you can’t afford to fall short in other areas. Consider your options for a file sharing solution for military contractors carefully before making your file decision. Your business could depend on it.


    Martin Horan

    Martin, Sharetru's Founder, brings deep expertise in secure file transfer and IT, driving market niche success through quality IT services.

    Other posts you might be interested in

    View All Posts