Transfer Method - Passwords
- rossc
The Ten Musts of File Transfer
When transferring files over our network, the following rules apply:
The protocol MUST provide industry standard encryption of credentials and data in transit.
The protocol MUST require authentication.
The endpoint MUST only be accessible by the 3rd party and Flip (no other accounts can have access to Flip or Flip’s customer’s files)
If password authentication is used, the endpoint MUST allow for passwords of at least 16 characters. 32 characters is preferred.
If password authentication is used, the password MUST be randomly generated and include symbols, lower, upper and digit characters
If password authentication is used, the password MUST be communicated to Flip via secure means. E.g. Not in plain text via email. (eg pwpush.com)
If the protocol offers server authentication via Public Key or certificate, the 3rd party SHOULD communicate the public key or fingerprint via email. I.e. we should not have to determine the fingerprint by connecting to the server, as the server we connect to may not be the server they want us to connect to.
if the protocol and 3rd party offer Public Key authentication, Flip SHOULD implement that in preference to password authentication
Flip MUST enquire as to the availability of IP address allow-listing by the 3rd party’s file transfer service, and if available, request that our outgoing IP addresses are allow-listed (for mental health’s sake, get he EFM and Flip office IP addresses allow-listed too). The details of these implementations should be documented, perhaps in 1Password.
Flip MUST enquire as to the implementation of other security measures such as IP fail2ban (the practice of banning nuisance IP addresses), or authentication failure limits (the practice of preventing a user or IP from logging in for a period if they fail authentication a number of times). The details of these implementations should be documented, perhaps in 1Password.