In the Site Setup wizard, the Connections Protocols page provides options to specify which protocols that clients are allowed to use to connect to EFT Server.
If enable PCI mode is selected, EFT Server determines whether plain-text FTP or HTTP was selected on the Connection Protocols page. If so, a warning appears and you are provided the option to disable all plain-text protocols for the Site or leave them enabled and provide a reason.
PCI DSS requirement 2.2.2 states that you should disable all services and protocols that are not directly needed to perform the specified function.
PCI DSS requirement 2.3 states that you should require secure protocols for remote administrator access.