Introduction to the Regulatory Compliance Module

The Regulatory Compliance Module (RSM) helps you achieve or exceed compliance requirements mandated by the most rigorous standards, including PCI DSS, HIPAA, HITECH, Sarbanes-Oxley, and many others.

The features listed below are activated by the RCM:

Privacy configuration, including GDPR-specific settings
Specify personal data and privacy settings on a Site and per user (ARM Privacy reports require the Auditing and Reporting module.)
Generate GDPR DPIA report (Requires ARM)
Removes old data automatically Data sanitization/wiping (PCI DSS 9)
Hides or disables non-allowed cipher or SSL versions, key lengths <128 bits, anonymous account type, and warns when importing certificates with weak keys (PCI DSS 4.1)
Causes idle sessions to automatically timeout (PCI DSS 8.1.8)
Limits repeated invalid login attempts (PCI DSS 8.1.6)
Provides a configuration wizard for creating PCI DSS compliant Sites
Monitors and reports on configuration changes that result in PCI DSS violations (PCI DSS 12) (Requires ARM)
Produces automatic daily PCI DSS Compliance reports (PCI DSS 12) (Requires ARM)
Warns if password complexity is disabled (PCI DSS 8.2.3)
Warns if insecure protocols are in use (PCI DSS 2.2.2)
Warns if user disk quota is not set (PCI DSS 3.1)
Warns if secure remote administration not set (PCI DSS 2.3)
Warns if Encrypting File System (EFS) in use (PCI DSS 3.4.1)
Warns if weak SSL or SFTP keys are in use (PCI DSS 3.6.1)
Warns if DoS and flood settings are too low (PCI DSS 2.2.4)
Warns if vendor defaults remain unchanged (PCI DSS 2.1)
Warns if expired keys present (PCI DSS 3.6.5)
Warns if multiple administrator roles present (PCI DSS 7.1)
Warns if anonymous account type in use (PCI DSS 8.5)

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
v8.2.1 | 202409270221 | September 2024