Requirement 12: Maintain a Policy that Addresses Information Security

From the PCI DSS:

A strong security policy sets the security tone for the whole company and informs employees what is expected of them. All employees should be aware of the sensitivity of data and their responsibilities for protecting it. For the purposes of this requirement, "employees" refers to full-time and part-time employees, temporary employees and personnel, and contractors and consultants who are "resident" on the company’s site.

This is not a feature of EFT Server; however, you might consider using EFT Server as a component of your organization's security policy. The Server's ability to automatically generate and e-mail daily reports will help you stay on top of daily operations and security practices, from monitoring user connections, including failed connections, to changes in security settings.

PCI DSS Requirement	How Requirement is Addressed with EFT Server
12.1 - 12.9 These requirements have to do with maintaining a policy that addresses information security	These requirements are external to EFT Server and are defined by your organizational policy.

If this help topic did not help you, search the Knowledgebase or pose your question in the GlobalSCAPE User Forum.

For the most up-to-date information, to view version history, updates, and activation instructions; or to download a PDF of this user guide, visit the Support Center at http://www.globalscape.com/support.

Leave compliments or complaints regarding the help in the User Forum. At a minimum, please provide the topic title and why you needed help.

For information about GlobalSCAPE, visit www.globalscape.com, subscribe to our Secure Info Exchange blog, or follow us on Twitter.

Last modified: 18-Aug-11 at 13:43:46