The Secure File Transfer service is a web-based application that provides an easy and secure alternative to email when transferring large files. OTIS provides two Secure File Transfer options:
- User-Initiated Secure File Transfer (UISFT)
- Batch Interface Secure File Transfer (BISFT)
UISFT is for one-time or ad hoc file sharing needs. It sends notifications or invitations among individuals to initiate action. UISFT allows Managed Active Directory customers to upload files into the system. An invitation to download the file is sent to the intended recipients, who are not required to be authenticated users. Likewise, sc.gov users can also send unauthenticated users an invitation to upload files into Secure File Transfer system. Expiration dates are used to manage the retention of files uploaded into Secure File Transfer system.
BISFT is for recurring file transfer over multiple periods, it allows for the automation of system processes by allowing scripting of secured file exchanges. BISFT includes performance reporting and analytics on file exchange transmissions.
- Key Features and Benefits
- Secure File Transfer allows for SFTP/SSH and HTTPS connections.
- Data transmission is done by using one of the following methods:
- Secure File Transfer Protocol (SFTP): This method requires the customer to have FTP software for connecting and transferring data.
- Hypertext Transfer Protocol Secure (HTTPS): This method requires the customer to connect and transfer data using any web browser.
- Automated script transmission and retrieval for recurring file exchanges.
- Data is stored and transmitted securely by ensuring data is encrypted at rest and in transit.
- Batch transfers of system data.
- Secure file sharing can move files to and from FTP accounts inside or outside the state’s network, file shares and servers.
- Physical Security & Facilities
- Host all managed firewall technologies in the State Data Center, which has appropriate physical and environmental security controls such as biometric access control, internal and external security camera coverage, 24x7x365 armed uniformed officer, conditioned UPS power, emergency power, fire detection and suppression and temperature control.
- Management and monitoring of physical security to the data center.
- Management and monitoring of the data center environment (e.g., racks, power and cooling).
- Management of emergency response for man-made and natural disasters.
- Redundant electrical power and cooling infrastructure is provided.
- Hardware
Secure File Transfer hardware technologies and associated connectivity components as required for Secure File Transfer infrastructure.
- Software
- Managed file transfer software applications.
- Planned maintenance is performed Saturday 8:00 a.m. – 12:00 PM. Customer will have a dedicated resource to coordinate restoration of service after maintenance unless otherwise notified.
- Installation and Configuration
• Installation and configuration of supported Secure File Transfer technologies at the State Data Center.
• OTIS supports patching of the client file transfer software applications.- Support and Administration
• Incident resolution through the Division of Technology Operations (DTO) Service Desk.
• Assist customers with troubleshooting and diagnosis of incidents.
• Provide tutorials to customers on how to utilize each of the Secure File Transfer options.- Exclusions
- Not applicable.
- Prerequisites
- Required service(s) for eligible customers:
- Managed Server or Virtual Colocation (if applicable)
- Customers must also purchase one of the Managed Server offerings to be eligible to purchase BISFT.
- Customers must also purchase one of the Managed Workstation offerings to be eligible to purchase UISFT.
- Required service(s) for eligible customers:
OTIS and Customer Responsibilities
| Responsibilities | OTIS | Customer |
|---|---|---|
| User Initiated Secure File Transfer (UISFT) | ||
| Provide list of users needing SFTP access. | Image
| |
| Provide SFTP accounts for users. | Image
| |
| Provide single sign on (SSO) options for users. | Image
| |
| Provide reports of user activity (files sent/received and sign-in activity). | Image
| |
| Maintain and update SFTP infrastructure. | Image
| |
| Download and maintain data once it has left SFTP infrastructure within 30 days. Note: SFTP data is temporary and not intended for long term storage. | Image
| |
| Batch Initiated Secure File Transfer (BISFT) | ||
| Provide vendor information including source/destination IP address. | Image
| |
| Provide SFTP credentials for batch service accounts. | Image
| |
| Provide PGP public key for file encryption if applicable. | Image
| |
Provide reporting of service account activity (files sent/received and sign-ins). | Image
| |
Provide file share for file storage and transfer. | Image
| |
| Provide file share for file storage and transfer based on compliance requirements. | Image
| |
| Verify connectivity between SFTP server and remote clients. | Image
| |
| Maintain and update SFTP infrastructure. | Image
| |
| Retrieving and sending files to and from vendor. | Image
| |
| Download and maintain data once it has left SFTP infrastructure within 30 days. Note: SFTP data is temporary and not intended for long term storage. | Image
| |
| Maintain any scripts for connecting to the service. | Image
| |
| Provide up to date client software with maintained ciphers. | Image
| |
| Service Level Name | Description | Target Service Level |
|---|---|---|
| Incident Response – Severity 1 and 2 | Means the percentage of time it took for a Severity Level 1 and Level 2 Incidents to be acknowledged and worked by OTIS within the applicable timeframes in the Service Level Definition. | 99.00% |
| Incident Response – Severity 3 and 4 | Means the percentage of time it took for a Severity Level 3 and Level 4 Incidents to be acknowledged and worked by OTIS within the applicable timeframes in the Service Level Definition. | 95.00% |
| Service Request Fulfillment Timeliness | Means the percentage of time OTIS successfully completes “Service Requests” (defined as requests that are not automated self-provisioned or that do not require solution proposal development; examples of such requests include provisioning ID access, password resets, Service Catalog requests, IMACDs) within the applicable timeframes. | 96.00% |
Service Rates
| Resource Unit | Monthly Rate |
|---|---|
| Batch FTP | $38.99 |
| User FTP | $31.65 |
Service Contacts
To report issues related to this service, customers should contact the Division of Technology Operations (DTO) Service Desk (servicedesk@admin.sc.gov).
For additional information on this service customers should contact their Agency Relationship Management (ARM) representative or the Program Management Office (pmo@admin.sc.gov).
Estimate Initial Service Delivery Time
Next business day for new or existing User Initiated Secure File Transfer service customers (following approval of the Request for Solution (RFS) and independent of other services).
Within 5 business days for new or existing Batch Initiated Secure File Transfer service customers (following approval of the Request for Solution (RFS) and independent of other services).
| Customer Entity Type | Eligible |
|---|---|
| State Agencies | Yes |
| Local Government Entity including Municipality and County | No |
| Higher Education | No |
How To Order
Agencies should contact their Agency Relationship Management (ARM) representative or the Program Management Office (pmo@admin.sc.gov) to acquire these services.
