The interface and policy engine are complex for non-technical users. For simple compliant sharing, it is overkill and expensive. 2. Product Portfolio for Compliant File Sharing Axway’s compliant file sharing rests on two pillars:
| Product | Primary Function | Compliance Angle | | :--- | :--- | :--- | | | Managed File Transfer (MFT) server | Audit trails, encryption (PGP, AS2, SFTP, FTPS), tamper-proof logging, role-based access | | Axway Syncplicity | Enterprise file sync & share (EFSS) | Data loss prevention (DLP) integration, remote wipe, granular sharing policies, classification labels | The interface and policy engine are complex for
| Regulation | Requirement | Axway’s Capability | | :--- | :--- | :--- | | | Right to erasure, data portability, breach notification | Syncplicity supports retention policies and user deletion; SecureTransport logs can be exported for DSARs. | | HIPAA | BAA required, access logs, encryption, automatic logout | Axway signs BAAs. Supports AES-256 at rest, TLS 1.3 in transit, and detailed access audit trails. | | PCI DSS | Protect cardholder data, track access | SecureTransport supports PGP encryption for files with PAN data; logging includes who accessed what file when. | | SOX | Change controls, audit trails, separation of duties | Role-based access control (RBAC) in both products; immutable audit logs for file events. | | FedRAMP / IL (Gov) | Controlled unclassified information (CUI) protection | Axway has FedRAMP Moderate authorization for certain deployments; supports FIPS 140-2 validated cryptography. | | | PCI DSS | Protect cardholder data,