Enterprises should have risk awareness when facing data compliance
In recent years, it has become increasingly common for private information or confidential documents of individuals or enterprise groups to be infringed, even stealing enterprise or personal information for personal gain. With the promotion of Network Security Law, data compliance has become the focus. People's awareness of data security is increasing, and file storage and file transmission technologies are also developing towards standardization, standardization, and compliance. Standardization of data transmission will be a major trend in the data industry in the future.
Raysync fully responds to the call of national data transmission compliance and improves the security of file transmission from the aspects of Web security office design, account & password protection security design, transmission security design, software installation & operation security design, behavior audit, encryption certificate life cycle management, etc., providing users with a high-speed, safe and convenient file transmission acceleration platform.
Account protection security design:
Login authentication has a built-in anti-violence cracking mechanism, and the user enters the wrong password five times in a row within 3 minutes, and the account will be automatically locked; Session identification in login is generated by using the interface of OpenSSL high-strength random function RAND_bytes () to prevent random information from being hit by the simulator.
WEB security design:
User-side Web Portal and management-side Web Portal support access IP address isolation and port isolation; The administrator can disable the user plane Web Portal or the management plane web portal as required. Support HTTP and HTTPS, the administrator can disable HTTP and only provide Https service; The Web page of Raysync login, the effective range of session is only valid for the current access page, completely eliminating CSRF cross-site attack; Before each version is released, Huawei Cloud Online Professional Web Vulnerability Scanning Service is used to scan vulnerabilities and repair the latest released vulnerabilities in time; Https TLS only opens the encryption algorithm suite recognized as safe in the industry.
Transfer security design:
In the transmission process, Raysync is protected by Hash verification at the transmission message level, file block, and the whole file to ensure the integrity of the transmission content; TLS 1.3 is used for end-to-end encryption between the Raysync client and the Raysync server to prevent man-in-the-middle attacks on the network. Raysync only needs to expose one port to the outside, which can satisfy all users' access and greatly reduce the exposure risk of firewall ports.
At present, 2W+ enterprises are using the file transfer solution provided by Raysync.