Guidelines for Data File Transfers to and from Enterprise Systems
All members of the Northwestern Community and users of the University network.
Guidelines for security and confidentiality of data files and file transfers, established by Northwestern Information Technology.
Northwestern University employees and third-party vendors shall abide by the following guidelines for exchanging data files.
- The SFTP file transfer protocol must be used; FTP transfers are not supported.
- SSH keys must be set up for authentication; the use of passwords is not supported.
- All inbound and outbound files must be encrypted regardless of data sensitivity.
- Encrypted data files can be archived on the SFTP application with a 21 day retention period.
Northwestern’s approved enterprise SFTP application should be used for file transfers or other data exchanges between enterprise systems and third-party vendors. It should also be used to exchange files between Northwestern IT enterprise systems and other Northwestern servers that are not housed in the Evanston or Chicago data centers (e.g., Kellogg or Housing servers). This SFTP application provides a fully secure file transfer environment that follows standardized management procedures and is compatible with the Autosys job scheduler.
To request an automated file transfer, an IT Service Manager ticket should be created and assigned to the NUIT-CI-PIPS-DAPS team. The requestor will need to set up a meeting with the vendor’s technical support contact and the assigned DAPS team member to discuss the file transfer configuration.
The following information will need to be shared with the vendor before the meeting.
- The vendor must support Secure File Transfer Protocol (SFTP).
- SSH keys will be used for server authentication.
- PGP file encryption must be used for all file transfers.
File transfer details will be discussed during the meeting with the vendor.
- File transfer direction (inbound to Northwestern, outbound from Northwestern, or both).
- The vendor will be asked how they will transfer files to and from the SFTP application (push, pull, or full automation).
- For outbound file transfers, the vendor server host name, IP address, port number, destination account name and folder location must be provided.
- For inbound file transfers, the vendor’s sending IP address range and port number must be provided. Northwestern will provide an account name and folder destination to the vendor.
Original Issue Date:
- January 2018