OTP Email for Shared URLs

Systems

• April 06, 2022 17:08

What is the problem that this feature would fix? 

Right now you can create a link and password protect it to share documents. In order to meet some compliance rules I must verify the identity of the person accessing the files which is not possible using the Share function at this time

Why is it a problem?

There is no identity verification for links which causes File Sharing Confidentiality issues. You are unable to prove who used the Link and Password to access the data.

Is there a workaround you currently have for this problem? 

Manually Creating User accounts for all users we have to share with.

Do you have a suggestion on how you would like to see the problem fixed?

Create a Share option in the email area like "Require OTP Verification". So when the email is sent the person receiving will click the link, enter the share's password and then be emailed a 6 digit code. Once they receive that code they enter it on Cerberus HTTP.

 

This will prove the person accessing the link also has access to the email which can reasonably prove the person accessing the link is the Intended Recipient.

How big is the problem? Who is affected by this problem (End Users, Admins, etc.)? 

Without this feature the usage of the share feature will cause Data Confidentially Audits to fail.

5

• 

  Brian mcGovern

  • May 06, 2022 15:13

  Something like this would be incredibly useful for companies that do business with the Federal government. Often times they fall under compliance regimes that require some form of multi-factor authentication in order to access systems.   The ability to turn this on for people without an account would be incredibly helpful. Otherwise we have to create accounts for any person that needs to share files via Cerberus 

  1
• 

  John Marshal

  • May 10, 2022 22:43

  This would allow me to use CerberusFTP to meet DFARS Regulations. This would be great to see in a future release.

  1
• 

  Jerry Byron

  • May 26, 2022 18:07

  This would help us use CerberusFTP for Business to Business File Transfers of sensitive data. The current share options doesn't give us the Ability to verify the person still has access to the email account which causes an issue for us as we must verify the person who is getting access to the files is still authorized to access said files. If this can be implemented by next year we'd move all our sites to Cerberus as it has many features we'd want.

  0
• 

  Robert Hamilton

  • September 15, 2023 19:37

  Would like this feature, following

  0
• 

  Connor Woolfolk

  Community Manager

  • September 18, 2023 14:01

  Hello all,

  Just wanted to let everyone know, this feature is indeed in the works. I do not have a solid date or ETA on it that I can provide at this time, but I am hopeful that it will make it into a release sooner rather than later.

  0

Please sign in to leave a comment.