|
Hi John
In my opinion (for what THAT is worth) your best bet is to talk with the vendor and discuss with them exactly what they mean.
Alan Shore
Programmer/Analyst, Direct Response
E:AShore@xxxxxxxx
P:(631) 200-5019
C:(631) 880-8640
"If you're going through Hell, keep going" - Winston Churchill
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of jmmckee flinthills.com
Sent: Tuesday, November 29, 2011 3:57 PM
To: Midrange Systems Technical Discussion
Subject: Questionable terminology usage
I have been sending hospital data for some time to a survey company, using sftp. I learned last week that, effective Jan 1, 2012, a new vendor will be used. I just today received the specifications.
I am wondering about the knowledge of this vendor, after reading their technical document. To wit:
IMPORTANT
We strongly recommend that you use File Transfer Protocol (FTP) when sending your live data file. FTP is the simplest and most secure method of uploading.
The above came from an abbreviated document. The full document describes multiple methods of getting data to them.
First is FTP. Again, from their document: "FTP is the recommended method of transmission.
That is followed by these bullets:
Extremely secure using proper encryption (an advantage) Should be an acceptable upload method for HIPAA with proper encryption (another advantage).
All files must be uploaded in BINARY mode (a comment) Do not use ZIP files (another comment).
After reading that, I am confused. I never thought FTP was secure, let alone Extremely secure. And they want data sent in BINARY mode but not ZIPPED. I have been using PKZIP with AES256 encryption.
Their description of FTPs mentions 128 bit SSL encryption and is also HIPAA aceptable, must be BINARY and must use ZIP.
Under SFTP
Extremely secure using the Secure Shell protocol, do not use ZIP files, must be uploaded in BINARY MODE
I have questions about this. Maybe I don't understand what is written. But, I am confused by them wanting BINARY MODE of printable data, that must not be ZIPed, or their statement that plain FTP is "extremely secure".
Fortunately, they do offer sftp. (Almost forgot) There is a disadvantage listed for sftp that seems odd: "Typically requires advanced knowledge of computer networks and protocols". HUH???
Can somebody make sense of this gibberish and explain what I am missing?
John McKee
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.