End-to-end file non-repudiation is the ability to prove who uploaded a specific file, who downloaded it, and that the file uploaded and the file downloaded are identical. It is a security best practice and required by Federal Information Security Management Act (FISMA), Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley Act (SOX), and others.
The ability to provide end-to-end file non-repudiation is an essential part of any secure file transfer solution because it provides the following benefits.
Providing end-to-end file non-repudiation requires using a secure file transfer server that can perform all of the following activities:
The cryptographically valid SHA1 and MD5 algorithms are widely used to do file integrity checking. SHA1 is the stronger of these, and is approved for file integrity checking under US Federal Information Processing Standard FIPS 140-2. MOVEit secure file transfer server and MOVEit Automation MFT automation server each have built-in FIPS 140-2 validated cryptographic modules that include the SHA1 and MD5 algorithms, which they use for file integrity checking.