By taking these steps, you can effectively evaluate Globalscape's security software on CUI protection and make an informed decision about their suitability for your organization's needs.
With the Cybersecurity Maturity Model Certification (CMMC) 2.0, contractors handling CUI must achieve Level 2 (which aligns with NIST 800-171). GlobalSCAPE can help meet several practices, but note: By taking these steps, you can effectively evaluate
| NIST 800-171 Family | GlobalSCAPE Capability | Gaps / Notes | |----------------------|------------------------|---------------| | | Granular folder/user permissions; IP allowlisting; session timeouts | Requires careful configuration—overly permissive default roles could expose CUI | | Audit & Accountability (AU) | Full user activity logging; immutable audit trails (with WORM storage) | Logs must be protected from modification; EFT supports this if configured to write to non-editable storage | | Configuration Management (CM) | Secure baseline templates; change logging | No automated compliance scanner for DISA STIGs (you must manually verify settings) | | Identification & Authentication (IA) | MFA support (TOTP, smart cards, RADIUS); password complexity enforcement | MFA is an add-on module (not base); for CUI, MFA for all interactive logins is strongly recommended | | System & Communications Protection (SC) | TLS 1.2/1.3 for data-in-transit; OpenPGP and SMIME for encryption; DMZ gateway support | No built-in data-at-rest encryption for CUI files stored on local drives (requires underlying OS/disk encryption like BitLocker) | | System & Information Integrity (SI) | Antivirus scanning via ICAP; file integrity monitoring (checksums) | No native FIM for configuration files; must integrate with third-party tools | GlobalSCAPE EFT provides a robust
Here is a security-first evaluation.
GlobalSCAPE EFT provides a robust, FIPS-validated transport layer and granular access controls that meet the spirit of NIST 800-171 for file transfer scenarios. It is widely used in federal, healthcare, and DIB environments. and DIB environments.