FISMA Compliance for File Transfers

US capitol building with US flag flying in foreground to emphasize FISMA Compliant File Transfers

What is FISMA Compliance?

Signed into law in 2002, the Federal Information Security Management Act (FISMA) establishes a set of security guidelines that help to reduce the security risk to federal data. FISMA regulations apply to all agencies within the U.S. federal government, some state agencies, and any private sector organization in a contractual relationship with the government. The National Institute of Standards and Technology (NIST) is the agency named responsible for developing the security standards and guidelines necessary for FISMA implementation.

Federal Information Security Management Act Compliance Requirements:

FISMA guidelines cover topics including information system inventory, risk categorization, system security plan, security controls, risk assessments, certification and accreditation and continuous monitoring.

One of the most popular and robust NIST publications set forth in accordance with FISMA is NIST SP 800-53, “Recommended Security Controls for Federal Information Systems and Organizations.” This publication is used by organizations subject to FISMA regulations for establishing and maintaining best practices regarding information security.

Evaluation of compliance is reported annually to the Office of Management and Budget (OMB), and each agency’s FISMA Report Card is available to the public. Penalties for non-compliance includes censure (public reprimand) by congress, reduction in federal funding and negative publicity stemming from the public FISMA Report Card, congressional censure and subsequent media coverage.

Managed File Transfer and FISMA Compliant File Transfer

Ensuring that file transfers performed under the guidelines of FISMA are secure is an essential step towards FISMA and NIST compliance. Several of the NIST SP 800-53 controls can be addressed through the GoAnywhere managed file transfer solution, which include:

  • Data protection and encryption during file transfer processes
  • Access control to limit data access to only those necessary
  • Auditing and reporting to efficiently provide data needed for annual FISMA audits

Read the Datasheet

"Because GoAnywhere was so simple to implement and configure and the documentation was more than sufficient, we saved the additional costs of implementation services. The competing solutions required weeks to implement. GoAnywhere was fully installed, tested and put into production in a few days."

How the Federal and Public Sectors Use GoAnywhere MFT

Adams County, Colorado

The fifth largest county in Colorado, Adams, discovered a streamlined, consistent way to automate their file transfers between internal systems, external systems, and trading partners with GoAnywhere MFT.

To facilitate a payroll project, the team in Adams County started using GoAnywhere's run-time mode to verify that files are correct before going out. As soon as the files are approved by staff, they're sent out with the click of a button.

Read the Full Story: Automating File Transfers Across Multiple Systems 

City of Modesto, California

The City of Modesto needed a secure way to meet their trading partners' requirements. With GoAnywhere MFT, they were able to quickly address their need to submit data to CalPERS (California Public Employee Retirement Systems).

Read the Full Story: Meeting Trading Partner Requirements with MFT 

Maryland's Department of Labor, Licensing, and Regulation (DLLR)

The State of Maryland's Department of Labor, Licensing, and Regulation (DLLR) needed to securely automate their native processes on the IBM i. Discover how GoAnywhere MFT allowed the development staff to return to their regular development tasks.

Read the Full Story: Handling Documents Securely and Efficiently with GoAnywhere MFT 

Florida's Public Defender's Office 4th Circuit

When the county clerk’s office stopped accepting paper documents, the Public Defender’s Office - 4th Circuit found GoAnywhere MFT, a solution that reduced employee workloads, improved collaboration, and satisfied compliance requirements for web service connections and e-filing. Read the full case study to learn more.

Read the Full Story: Achieving Successful File Transfers and Secure Collaboration