| Regulation | Requirement | Axway’s Capability | | :--- | :--- | :--- | | | Right to erasure, data portability, breach notification | Syncplicity supports retention policies and user deletion; SecureTransport logs can be exported for DSARs. | | HIPAA | BAA required, access logs, encryption, automatic logout | Axway signs BAAs. Supports AES-256 at rest, TLS 1.3 in transit, and detailed access audit trails. | | PCI DSS | Protect cardholder data, track access | SecureTransport supports PGP encryption for files with PAN data; logging includes who accessed what file when. | | SOX | Change controls, audit trails, separation of duties | Role-based access control (RBAC) in both products; immutable audit logs for file events. | | FedRAMP / IL (Gov) | Controlled unclassified information (CUI) protection | Axway has FedRAMP Moderate authorization for certain deployments; supports FIPS 140-2 validated cryptography. |
The interface and policy engine are complex for non-technical users. For simple compliant sharing, it is overkill and expensive. 2. Product Portfolio for Compliant File Sharing Axway’s compliant file sharing rests on two pillars: | Regulation | Requirement | Axway’s Capability |
Its flagship product, Axway SecureTransport , combined with Syncplicity (acquired for edge sync/share), creates a hybrid model—MFT for B2B/governed flows + enterprise file sync and share (EFSS) for internal collaboration. | | PCI DSS | Protect cardholder data,