The High Security module (HSM) enforces a higher level of security, and monitors, reports, or warns when any of the high security settings are changed to a less secure mode. The HSM allows EFT Server to use FIPS-compliant protocols and ciphers, increase user account and password security, remove old data automatically, audit configuration changes, and maintain compliance with the Payment Card Industry Data Security Standard (PCI DSS), HIPAA, Sarbanes-Oxley, ISO 27000, and other security standards.
Protects Data at Rest: The HSM, in concert with DMZ Gateway, helps organizations comply with data storage requirements, including not storing data in the DMZ, using repository encryption, and securely sanitizing deleted data so that it cannot be reconstituted. Protecting customer data is a major aspect of complying with the PCI DSS and other standards.
Protects Data in Transit: The HSM protects data in transit by enforcing the use of secure protocols, strong ciphers and encryption keys, and maintaining password policies that strictly follow PCI DSS guidelines.
Controls Access to Data: The Server allows you "fine tune" user access to help you comply with security requirements, such as PCI DSS requirement 7 (Restrict access to cardholder data by business need-to-know) and 8 (Assign a unique ID to each person with computer access). You can choose from multiple data sources including Active Directory, NTLM-, LDAP-, or ODBC-compatible database as a source for user authentication, or you can use EFT Server's built-in GlobalSCAPE authentication manager to isolate EFT Server users from your domain. The Auditing and Reporting Module (ARM) captures all of EFT Server activity in a fully relational database (the auditing database does not store cardholder data).
Ongoing Auditing: Rather than commit changes immediately, the HSM warns you upon changing one or more settings that may cause EFT Server to fall out of compliance. EFT Server gives you the opportunity to undo your changes or continue with the change and provide justification or description of any compensating controls in place. Related settings are audited and reported on as a group (e.g., all of the SSL-related settings, or all user settings). For example, suppose on Monday you disable the account lockout settings for a user and specified your reason for allowing this non-compliant setting. Then on Wednesday, you change a complex password setting. The warning message displays both of these settings, as well as others for which you previously had provided justification for leaving as is. Before EFT Server commits the change, you must choose to either allow the change and specify a reason, or discard the changes for each of the non-compliant settings. (That is, the allow or discard flag is separate, but they are audited and reported on as a group.) This functionality is designed to remind you of the non-compliant settings and provide you the opportunity to bring them into compliance.
FIPS-Compliant Protocols and Ciphers: The Federal Information Processing Standard (FIPS) Publication 140-2 specifies the security requirements of cryptographic modules used to protect sensitive information. EFT Server supports operation with the FIPS 140-2 Validated GlobalSCAPE Cryptographic Module (GSCM) for inbound SSL/TLS and certificate generation. (Certificates created in prior versions of the EFT Server or EFT Server (imported certificates that were signed using non-FIPS compliant algorithms) will not work in EFT Server version 6 when using FIPS mode.)
PCI DSS Compliance: The High Security module facilitates enforcing high security and compliance with the PCI DSS 1.2 specification, and provides an automated, preconfigured PCI DSS Compliance Report.
The features of the HSM are listed below:
Removes old data automatically (Data sanitization (wiping))
Hides or disables non-allowed ciphers, key lengths, anonymous accounts, etc.
Enforces password expiration and complexity (Administrator password complexity is part of EFT Server core)
Restricts inbound Internet traffic (Administrator interface connections) to IP addresses within the DMZ
Detects whether DMZ Gateway is present
Warns if unsecure protocols are in use
Warns if user disk quota is not set
Warns if secure remote administration not set
Warns if Encrypting File System (EFS) in use
Warns if weak SSL versions and ciphers are in use
Warns if DoS and flood settings are too low
Audits initialization of auditing and reporting system and Server configuration changes to database