JSCAPE Secure FTP Server – PCI DSS Compliance Statement
The PCI Data Security Standard (PCI DSS) is the security standard for security management, policies, procedures, network architecture, software design and other critical protective measures for the payment process industry - including merchants, payment devices and services vendors, processors and financial institutions.
JSCAPE Secure FTP Server when used properly can help you to achieve PCI DSS compliance. The PCI DSS requirements that are addressed by JSCAPE Secure FTP Server have been identified in the table below.
JSCAPE Secure FTP Server is a platform independent managed file transfer server that supports FTP, FTPS (FTP over SSL), SFTP (FTP over SSH), HTTP/S and WebDAV protocols. JSCAPE Secure FTP Server greatly simplifies the process of securely exchanging data with trading partners and the automation of file transfer processes.
Platform independent Java based installers are available for Windows, Linux, Solaris ,UNIX, and Mac OS X platforms making JSCAPE Secure FTP Server perfect for corporate environments that depend on multiple platforms.
| Requirement |
Solution |
| Install and maintain a firewall configuration to protect cardholder data |
JSCAPE Secure FTP Server has built-in IP Access feature that allows you to define the networks from which clients may connect. |
| Do not use vendor-supplied defaults for system passwords and other security parameters |
JSCAPE Secure FTP Server disables anonymous access by default and has no default system passwords. |
| Protect stored cardholder data |
JSCAPE Secure FTP Server may easily be configured to PGP encrypt data that is stored on the server. This data cannot be decrypted without the proper PGP private key and password. This further protects data in the event the server were compromised or stolen. |
| Encrypt transmission of cardholder data across open, public networks |
JSCAPE Secure FTP Server supports various secure file transfer protocols including FTPS (FTP over SSL), HTTPS, SFTP (FTP over SSH) and SCP (Secure Copy) in order to encrypt data as it is sent over the network. Server and accounts may be optionally configured to accept only secure encrypted sessions. |
| Assign a unique ID to each person with computer access |
JSCAPE Secure FTP server may easily be configured to authenticate users against central user repositories such as LDAP, Active Directory and JDBC relational databases. Authenticated users are granted access only to the files and directories assigned. |
| Track and monitor all access to network resources and cardholder data |
JSCAPE Secure FTP Server may automatically disable accounts or block IP addresses of clients that attempt to authenticate unsuccessfully too many times within a defined period. Should an account or IP be blocked, JSCAPE Secure FTP Server may capture these events and notify system administrators via email. All server activity is automatically logged for audit and reporting purposes. JSCAPE Secure FTP Server includes a reporting module that may be used to quickly generate reports on all server activity.
|
Download an evaluation of JSCAPE Secure FTP Server today to see how it can help meet your PCI DSS requirements.
|
