Curbstone software handles the PCI security audit log requirements for card data that we manage.
BUT, do you comply with the PCI security requirement for logging all file transfers done outside of Curbstone that contain card data?
Our friends at Linoma have a mature, compliant solution in GoAnywhere Managed File Transfer (MFT) software.
Simplify PCI DSS Compliance with Managed File Transfer
PCI compliance requires that data is secured both at rest and in transit using proper systems and procedures within the organization.
Healthcare organizations and business associates using GoAnywhere™ can achieve these goals with the additional benefit of saving considerable time for IT staff.
The GoAnywhere managed file transfer solution streamlines transmissions for healthcare including:
GoAnywhere MFT™ is a managed file transfer solution which streamlines the exchange of data between your systems, employees, customers and trading partners. It provides a single point of control with extensive security settings, detailed audit trails and reports.
GoAnywhere MFT's intuitive interface and comprehensive workflow features will help to eliminate the need for custom programs/scripts, single-function tools and manual processes that were traditionally needed. This innovative solution will reduce costs, improve the quality of your file transfers, and help your organization to comply with data security policies and regulations.
With integrated support for clustering, GoAnywhere MFT can process high volumes of file transfers for enterprises by load balancing processes across multiple systems. The clustering technology in GoAnywhere MFT also provides active-active automatic failover for disaster recovery.
AUDITING and REPORTING
- Browser-based interface for monitoring and administration
- Detailed audit logs for all user activity and file transfers
- Optionally sends logs to an enterprise SYSLOG server
- Advanced reporting to provide management and statistical details, graphs and charts
- Allows defining multi-step workflows with over 60 different tasks
- Provides a comprehensive built-in scheduler for running workflows
- Monitors folders with options to scan for new, changed or deleted files
- Sends email alerts or processes files when triggered events (e.g. upload, download) occur
- Includes commands and APIs for launching transfers from remote systems and applications
- Intuitive browser-based web client for performing ad-hoc file transfers
- Enterprise file sync and sharing using GoDrive
- Secure Mail module for sending files using email notifications with HTTPS download links
- Access files from anywhere with the mobile application
ENCRYPTION and COMPRESSION
- Provides FIPS 140-2 compliance mode to meet U.S. Government (NIST) encryption standards
- Encrypts, signs and decrypts files using Open PGP and GPG encryption standard
- Automatically encrypts files (at rest) in targeted folders using AES-256 encryption
- Compresses and decompresses files using ZIP with AES standard
- Includes integrated Key Management tools for Open PGP keys, SSH keys and SSL/TLS certificates
- Connects to Secure FTP servers (SFTP, FTPS, and SCP) for protected communications
- Automates file transfers with FTP servers
- Guarantees delivery with connection retries and file auto-resume
- Exchanges data with web sites using HTTP/S and Web Services
- Allows throttling bandwidth usage and monitoring file transfer throughput
- Sends AS2 messages with support for multiple file attachments
- Accelerates file transfers through GoAnywhere`s proprietary GoFastprotocol
- Send SMS messages using popular SMS gateways
- Accesses files and directories on network shares using SMB/CIFS protocol
- Accesses files and directories on WebDAV servers and Amazon S3 Buckets
- Interfaces with Antivirus and DLP solutions using ICAP
- Sends and retrieves files via email and secure email
- Calls custom programs and scripts as part of an overall workflow
- Connects to Websphere MQ, SonicMQ and ActiveMQ for enterprise messaging
- Sends traps to SNMP servers
- SFTP server (with SCP support) for secure file transfers over SSH
- FTPS server for secure FTP over SSL/TLS (Implicit SSL)
- Standard FTP server with support for Explicit SSL
- AS2 server for receiving EDI and other documents over secure connections
- HTTPS server for simple Ad Hoc file transfers through a browser interface
- DMZ gateway to keep files in the private network without opening inbound ports
- Bandwidth throttling to limit network usage by day-of-week and time-of-day
- Connects to popular database servers including SQL Server, Oracle, MySQL, IBM i, DB2, PostgreSQL, Informix and Sybase
- Translates data to/from Excel, XML, Delimited text and Flat File or Fixed Width file formats
- Replicates data between database servers
- Simplifies ETL processes with the ability to filter records, map columns and transform values
SECURITY and USER CONTROLS
- Extensive security controls to meet compliance requirements including PCI DSS
- Comprehensive user management system for trading partners, customers and employee accounts
- Segment GoAnywhere into logical security zones through Domains
- Authenticate users against Active Directory (AD), LDAP, IBM i and database
- SAML support for single sign-on (SSO)
- Lock users into specific directories with granular permissions
- Define virtual folders with user-friendly aliases and permissions
- Disk quotas to limit storage space usage by each user and folder