| Table of Contents | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
PCI-DSS Compliance
PCI-DSS is an information security standard :for payment card applications, therefore your application has to be certified that makes use of YADE.
YADE is a file transfer tool that can be used to fulfill PCI-DSS compliance, it allows
- secure transfer with e.g. FTPS, SFTP, WebDAV protocols across networks and
- insecure transfer with e.g. FTP, HTTP protocols.
YADE is a command line client for File Transfer in batch mode . YADE and can be called used from
- command line interface (CLI),YADE Command Line Interface
- JobScheduler YADE JITL Jobs
- third party applications using its the YADE API.
YADE is a client application that can be used to fulfill complies with the PCI-DSS compliance:YADE does cover "partially" the PCI-DSS Requirements 3 and 4:
- Requirement 3: Protect stored cardholder data.
- You can use the YADE Credential Store to protect credentials in a secure store.
- Requirement 4: Encrypt transmission of cardholder data across open, public networks.
...
- You can use any of the above mentioned secure
...
- protocols
...
- .
...
- YADE creates its file transfer history locally and in a database for auditing and reporting purposes.
SOX Compliance
Concerning SOX compliance you can build a compliant application with YADE by providing a secure configuration and protocols (see above) and by use of encrypted and signed files with your application.
The YADE Background Service provides a file transfer history to comply with SOX requirements.
HIPAA Compliance
Concerning HIPAA compliance the YADE Managed File Transfer is a transient service, i.e. YADE does not store files permanently in intermediate locations, see YADE Implementation Architecture and Server-to-Server file transfer without touchdown. Therefore, for a transient file transfer service as YADE that implements PCI-DSS compliance and SOX compliance it should be possible to certify your application.