High Security Module (HSM)

Meet or exceed security mandates

The High Security module (HSM) achieves or exceeds security practices mandated by the most rigorous standards, including PCI-DSSFIPS 140-2 ValidationHIPAA, and Sarbanes-Oxley (SOX).

Achieve or Exceed Industry, Government, and Corporate File Transfer Security Standards

Achieve or Exceed Industry, Government, and Corporate File Transfer Security Standards

With support for multiple secure protocols and cryptographic ciphers, the High Security module (HSM) thoroughly protects data in transit. By enforcing the use of secure protocols, strong ciphers, encryption keys, and password policies, data transfers strictly follow all security guidelines.

With HSM security, you can enforce account access policy controls, expire passwords automatically on certain dates, and use AD, NTLM, LDAP, an ODBC-compatible database, or the built-in authentication manager in EFT.

Ongoing Standards Compliance

Ongoing Standards Compliance

Securing sensitive company data requires continuous monitoring and validation of security policies and controls. Once enabled, the HSM is an ever-vigilant security tool that disallows low-security options, captures compensating controls, and generates reports for auditing the system’s compliance status.

The HSM actively monitors PCI DSS by alerting on non-compliance, identifying the cause of non-compliance, allowing reverting of security controls, implementing mitigation/workaround techniques. The Auditing and Reporting module (ARM) captures all of this activity in a fully relational database.

Protection of Data at Rest

Protection of Data at Rest

Setup wizards provide administrators with an easy, step-by-step method to configuring a new high-security-enabled site, with each page describing the requirement and what you need to do to meet that requirement, or to provide a compensating control (workaround).

The HSM, when used with the DMZ Gateway®, helps organizations comply with data storage requirements—including not storing data in the network DMZ—using repository encryption and securely sanitizing (wiping) deleted data so that it cannot be reconstituted.