Introduction to the EFT Security Modules

In EFT Enterprise, the Advanced Security module (ASM) enables organizations to centralize their user access controls, improve productivity, and increase adherence to security policies.
Both the ASM in EFT Enterprise and the Express Security module (ESM) for EFT Express help achieve or exceed compliance requirements mandated by the most rigorous standards, including PCI DSS, FIPS 140-2 Validation, HIPAA, HITECH, Sarbanes-Oxley, and many others.

The optional features in both security modules are listed below:

FIPS-certified protocols and ciphers
Ability to enable HSTS (requires HTTPS module)
Enables auditing of administrator changes (PCI DSS 102.2.2)
Automatically redirects HTTP to HTTPS (PCI DSS 2.2.3)
Forces password reset on initial use (PCI DSS 8.2.6)
Expires user passwords and/or Admin passwords after 90 days (PCI DSS 8.2.4)
Enables password expiration reminders (e-mail, banner)
Removes old data automatically Data sanitization/wiping (PCI DSS 9)
Removes inactive accounts after 90 days (PCI DSS 8.1.4)
Hides or disables non-allowed cipher or SSL versions, key lengths <128 bits, anonymous account type, and warns when importing certificates with weak keys (PCI DSS 4.1)
Warns if password complexity is disabled (PCI DSS 8.2.3)
Warns if insecure protocols are in use (PCI DSS 2.2.2)
Warns if user disk quota is not set (PCI DSS 3.1)
Warns if secure remote administration not set (PCI DSS 2.3)
Warns if Encrypting File System (EFS) in use (PCI DSS 3.4.1)
Warns if weak SSL or SFTP keys are in use (PCI DSS 3.6.1)
Warns if weak SSL versions and ciphers are in use (PCI DSS 4.1)
Warns if DoS and flood settings are too low (PCI DSS 2.2.4)
Warns if vendor defaults remain unchanged (PCI DSS 2.1)
Warns if expired keys present (PCI DSS 3.6.5)
Warns if multiple administrator roles present (PCI DSS 7.1)
Warns if anonymous account type in use (PCI DSS 8.5)
Causes idle sessions to automatically timeout (PCI DSS 8.1.8)
Limits repeated invalid login attempts (PCI DSS 8.1.6)
Provides a configuration wizard for creating PCI DSS compliant Sites
Monitors and reports on configuration changes that result in PCI DSS violations (PCI DSS 12)
Produces automatic daily PCI DSS Compliance reports (PCI DSS 12)
Enables Active Directory and Local Windows accounts for EFT administrator authentication (default Administrator accounts are maintained by EFT).

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
v7.4.13 | 202309270722 | September 2023