PCI-DSS Compliance

PCI-DSS is an information security standard for payment card applications, therefore your application has to be certified that makes use of YADE.

YADE is a file transfer tool that can be used to fulfill PCI-DSS compliance, it allows

  • secure transfer with e.g. FTPS, SFTP, WebDAV protocols across networks and
  • insecure transfer with e.g. FTP, HTTP protocols.

YADE is a command line client for File Transfer in batch mode and can be used from

YADE complies with the PCI-DSS Requirements 3 and 4:

  • Requirement 3: Protect stored cardholder data. 
  • Requirement 4: Encrypt transmission of cardholder data across open, public networks. 
    • You can use any of the above mentioned secure protocols.
    • YADE creates its file transfer history locally and in a database for auditing and reporting purposes.

SOX Compliance

Concerning SOX compliance you can build a compliant application with YADE by providing a secure configuration and protocols (see above) and by use of encrypted and signed files with your application.

The JOC Cockpit - File Transfer History provides a detailed history to comply with SOX requirements.

HIPAA Compliance

Concerning HIPAA compliance the YADE Managed File Transfer is a transient service, i.e. YADE does not store files permanently in intermediate locations, see YADE Implementation Architecture and Server-to-Server file transfer without touchdown. Therefore, for a transient file transfer service as YADE that implements PCI-DSS compliance and SOX compliance it should be possible to certify your application.