Introduction
In the latest SFTPPlus version we have introduced support for Purview sensitivity labels.
Microsoft Purview provides a range of security and compliance solutions to help protect your file transfers, ensuring data security, privacy, and regulatory compliance.
Sensitivity labels are used to classify the content of files. When a label is applied (automatically or by the user), the content is protected based on the settings you choose inside the Purview compliance portal.
SFTPPlus software handles both server-side and client-side transfers.
SFTPPlus can automatically apply labels based on the various file based rules, like file name or parent directory name. It can also detect the security labels attached to exiting files and accept or reject the uploads based on your security requirements.
Once a file is accepted or rejected it can be forwarded to a specific directory, or removed or forwarded to any other file transfer server or custom HTTP API. Alerts or notifications can be triggered when a file transfer doesn't comply with your current data governance policy.
Integration with SFTP server
Purview integration is supported on both Windows and Linux servers (Ubuntu or Red Hat Linux). Inside the SFTPPlus file transfer product, Purview is configured as an event handler.
You can use it with to implement an SFTP server or FTPS / FTP file transfers.
The file classification is implemented without impacting usability. End users will upload or download the files using the file transfer tools they are already familiar with. They can use their preferred web browser, or SFTP desktop client tools like Filezilla or WinSCP.
Files that are auto-labeled by SFTPPlus don't change the file format. End users can continue working normally.
SFTPPlus MFT can detect labels that are applied manually. Any document type supported by Microsoft Information Protection (MIP) SDK is automatically supported.
Technical details
SFTPPlus MFT will use the Azure Entra ID login and API to discover the sensitivity label. It will use the Microsoft Information Protection (MIP) SDK to detecter or apply labels inside files.
You will use the Office 365 Security and Compliance Center to create the sensitivity labels used for your file transfers.
If you are using the Azure Information Protection labels, you will need to migrate. See the How to migrate Azure Information Protection labels to the Office 365 Security & Compliance Center guide provided by Microsoft.
You don't need to download or install the MIP SDK.
On Linux, no other libraries need to be installed.
On Windows, the only requirement is to have the C++ redistributables install on your Windows Server. You can get the redistributables from here.
The security labels handling is available in any of the file transfer servers supported by SFTPPlus MFT:
- FTPS - FTP with TLS or legacy FTP
- SFTP - File transfer over SFTP
- HTTPS - Web transfers
Via the security labels you can use the Data Loss Prevention (DLP) in Microsoft Purview for Windows endpoint devices to block, block with override and audit.
Get help from experts
Microsoft Purview strengthens file transfer security by applying DLP, encryption, insider risk management, and compliance tracking. Deploying Microsoft Purview can be complex due to its broad scope, integration requirements, policy configurations, and compliance considerations.
At ProAtria we can help integrate your file transfers with an existing or a new Purview deployment.
For more than two decades we have been helping our customers to improve the security of their file transfers.
If you need support for integrating your file transfers with Purview, get in touch with us.