MyMXData is designed to handle export-controlled data securely, ensuring compliance with ITAR. This article covers key features, security measures, data handling practices, and how MyMXData supports ITAR requirements.
Overview of MyMXData
MyMXData is a secure file transfer solution for managing sensitive and export-controlled data. It focuses on controlled transfers, strict user verification, and secure storage. Trusted by leading automotive brands and organizations dealing with defence-related information, MyMXData supports over 10,000 active users and facilitates the exchange of more than 150,000 files weekly.
Key strengths include:
Security & Compliance: Patented quantum-level encryption and auditable activity.
File Control: No public link sharing, with access limited to named users.
Collaboration: Secure sharing without size limits.
Export-Controlled Data Management: Features tailored for restricted data.
ITAR Compliance Features
MyMXData uses an ASR (Anonymize, Shard, Restore) methodology to protect technical data under export laws:
Files are anonymized and broken into encrypted shards.
Shards are stored in physically and logically separated locations.
Data is reconstructed only for verified personnel, exceeding AES-256 encryption standards.
Access is restricted to authorized individuals meeting ITAR eligibility. Files are shared via:
Named user-only access.
Data hosting in approved ITAR-compliant regions.
Encrypted, access-controlled channels.
There is no persistent syncing; files are moved securely without automatic mirroring. Geo-fencing and identity-based security prevent unauthorized foreign access. MyMXData aligns with ITAR and related frameworks like NIST 800-171, using encryption, geographic restrictions, and logs to prove data remains within authorized territories.
Security Measures
Security is built-in with:
Encryption: AES-256 in transit and at rest, with keys scoped to specific exchanges for traceability and revocation.
Supplier Segmentation: By program and tier to prevent leaks.
Audit Trails: Evidence-grade logs recording views, downloads, and forwards, including identity, IP, and timestamps.
Access Controls: Expiry windows, revocation and no public links. Authenticated sessions are required.
Authentication: Support for SSO, MFA, and hardware keys.
Data Residency: Options to keep data in approved regions.
Integrity Checks: Validation for large file transfers.
Data Handling
MyMXData emphasizes secure movement over long-term storage:
Targeted handling for uploads, downloads, and tracking.
No archiving; focused on transferring sensitive files like CAD, drawings, assemblies, and test videos without size limits.
Chunk validation ensures integrity.
Encrypted portals for secure intake.
Conversations linked to files within protected workspaces.
Branded portals aligned with organizational protocols.
Certifications and Compliance Alignment
MyMXData complies with ITAR, CCPA, and ISO 27001, embedding encryption and audit logging into workflows. It supports additional regulations such as:
HIPAA (for medical records in defence contexts).
SOX (financial file transfers).
GLBA (financial services data).
FISMA (encryption and access controls).
FERPA (student-linked files).
CJIS (law enforcement data).
IRS 1075 (payroll/tax records).
NIST 800-171 (CUI encryption and auditable controls).
For export controls:
Geo-fencing restricts access to approved countries/networks.
Recipient-bound decryption tied to screening.
Immutable logs provide compliance proof.
FAQs on ITAR Compliance
How does MyMXData support ITAR? By restricting access to verified recipients, prohibiting public links or forwards, and using AES-256 with ASR encryption.
How is compliance demonstrated? Through immutable logs for uploads, downloads, and accesses, serving as authoritative audit records.
How is unauthorized access prevented? With geo-controls (US-based data storage for shards) and identity-based reconstruction for approved recipients only.