GLBA compliance starts with how your organization interacts with its customers. Protecting customer data from being accessed by unauthorized parties must be a priority throughout your organization.
Banks and financial institutions must also communicate to customers how their financial data will be used and who it will be shared with. Customers must also be given the opportunity to opt out if they’re not willing to have their information shared with third parties.
Sharetru’s Advanced Security and Compliance Add-on provides you with IDS, IPS, and virus and spyware protection so you can share private data with confidence.
The Gramm-Leach-Bliley Act (GLBA) is also known as the Financial Modernization Act of 1999. It is a U.S. federal law that requires financial institutions to explain how they share and protect their customers’ private information.
Part of this law is the Safeguards Rule, which ensures that those under GLBA jurisdiction have specific means to protect private information. According to the rule, GLBA adherents must “develop, implement, and maintain administrative, technical, and physical safeguards to protect the security, integrity, and confidentiality of customer information.”
With advanced multistage encryption, comprehensive access control, and a full suite of top-notch security features, our platform sets you up for smooth, GLBA-compliant file sharing.
The goal of all your SOX-based compliance measures should be to protect all financial data. Many companies take the step of encrypting all of their sensitive financial data, guarding it against unauthorized access.
Besides data encryption, your organization should also have appropriate security controls in place to prevent data loss or alteration. Following cybersecurity best practices with regard to granular access controls, user passwords, and file sharing security helps you protect SOX-covered information.
Our platform provides robust baseline security features out of the box, while our Advanced Security and Compliance Add-on gives you the support you need for SOX-compliant file sharing.
The Sarbanes-Oxley Act (SOX) was passed in 2002 to ensure the protection of shareholders and citizens from the accounting errors and fraudulent practices of enterprises. It also helps to confirm the accuracy of these businesses’ public disclosures.
Since all public companies have to comply with SOX, understanding the steps your organization must take to maintain compliance is essential. To stay SOX-compliant, public companies must:
All of our servers are located within a highly secure data center in the U.S. Those servers also live within a cloud infrastructure that is both PCI compliant and certified by VISA.
Sharetru enables you to restrict access to users, assign a unique ID or login to each employee, and limit physical access to sensitive data. For advanced protection, our customers’ file sharing sites are hosted behind hardware and software firewalls.
With our platform, you also have the ability to require your users to connect to your file sharing site using encrypted protocols with no exceptions, keeping your customer data safe and sound.
The Payment Card Industry Data Security Standard (PCI-DSS) is a set of requirements governing the security of account data for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards.
Information like account numbers, cardholder names for credit cards and other forms of payment information, expiration dates, and more falls under the requirements of PCI-DSS. These requirements are particularly necessary for the healthcare and financial services industries, where a data breach could result in identity theft and irreparable damage to a company’s reputation.
Sharetru provides every possible control for you to safeguard cardholder information in compliance with PCI-DSS security standards.
Executives may be ordered to pay up to $1 million in fines and could be imprisoned for 10 years for knowingly certifying financial reports that don't comply with SOX requirements.
Violations of GLBA can also result in expensive penalties and jail time, such as:
- $100,000 fines levied on financial institutions for each violation
- $10,000 fines to be paid by individuals in charge for each violation
- Up to 5 years in prison for individuals found in violation
Fines for violating PCI-DSS typically range from $5,000 to $100,000 per month and can be increased based on the period of non-compliance.
That’s why it’s absolutely essential that your data storage and transfer platform helps you cover all your bases when it comes to compliance. Sharetru does exactly that and more.
In addition to shielding your organization from significant financial penalties, complying with GLBA, SOX, and PCI-DSS protects nonpublic information. This in turn builds trust and loyalty, supporting your customer retention.
Because of the onslaught of malware and ransomware attacks on financial institutions, having a robust cybersecurity defense is vital to your business. Most security threats come from within an organization, so it’s important for you to be able to track your users’ activity quickly, as our platform enables you to do.
The potential fines your organization could face for violations of GLBA, SOX, or PCI-DSS are considerable. It’s crucial that you equip your organization with a secure file sharing solution like Sharetru, which makes it much easier to comply with these key frameworks.
Build and Maintain a Secure Network
To decrease the risk of unauthorized access, we never use default system passwords. We also maintain a secure firewall at the perimeter of our network to protect your customer data from breaches.
Protect Cardholder Data
All platform subscriptions include encrypted protocols, and you can control the use of encrypted transmission. We recommend pre-encryption but do offer automated server-side encrypted storage mechanisms.
Maintain a Vulnerability Management Program
To further reduce the risk of compromising your customer data, we reinforce the security of our platform by configuring our office systems, such as Windows desktops, with regularly updated anti-virus software.
Implement Strong Access Control Measures
Our platform enables you to assign unique login IDs to users. We operate in a high-security data center that requires a biometric, a card, and a PIN for physical access, and our servers are safe inside locked cabinetry.
Regularly Monitor and Test Networks
To help you track and monitor all access to network resources and customer data, we log all historical access activity and make those detailed logs available to you at all times. We also routinely test our system for vulnerabilities.
Maintain an Information Security Policy
Our security policy helps to ensure that your folders and data transmissions are secured, that your users comply with essential controls like password strength and encrypting transmissions, and that your auditors can verify everything.
You don’t have to just take our word for it. We’ve been leading the charge in secure online file sharing since the beginning, and we’d love to show you how we do it. Schedule your demo today.