generic mobile banner with top right hex shape

PCI-Compliant File Transfer

Ensure PCI-DSS Compliance with MOVEit Managed File Transfer

banking and financial services illustration

Your Challenge

The Long Way to PCI Compliance

If your business deals with credit card payments in any way, then PCI compliance is going to be a fact of life, and an essential part of running your business securely and efficiently. PCI compliance is a critically important step in protecting your customer’s or partner’s payment card data and an equally important step in protecting your business from the dire consequences of a data breach.

What is PCI DSS?

The Payment Card Industry (PCI) Data Security Standard (DSS) is the global data security standard adopted by all organizations that process, store or transmit cardholder data. It consists of twelve critical data security requirements, organized into six sections.

Who is PCI DSS for?

The Payment Card Industry (PCI) Data Security Standard (DSS) is intended for use by merchants, financial processors, point-of-sale vendors, and banks, credit unions and other financial institutions that transmit, process and/or store credit cardholder data.

Our Solution

MOVEit Enables PCI Compliance

MOVEit is a managed file transfer system designed for use with a multi-firewall network that separates a network into different trust zones. MOVEit helps tens of thousands of financial processors, banks and credit unions achieve and maintain PCI Compliance by addressing the four requirements that concern data transfer:

  1. Developing and maintaining secure applications and systems
  2. Protecting cardholder data at rest
  3. Controlling access to cardholder data
  4. Encrypting cardholder data in transit.
security and compliance illustration

Maintain Network Security

MOVEit Transfer lives in the firewall-protected DMZ where it can be partially exposed to the Internet. MOVEit Automation, deployed on an internal trusted network, can establish connections to the MOVEit Transfer server through a firewall. This establishes a secure connection through which data can be passed to and from your internal network to the outside world. If you prefer not to have your files at rest in the DMZ, you can use MOVEit Gateway in the DMZ and deploy MOVEit Transfer on the trusted internal network.

it operations efficiency illustration

Protect Cardholder Data in Transit and at Rest

MOVEit supports transfers using secure FTP over SSL/TLS (FTPS), secure FTP over SSH2 (SFTP and SCP2), as well as secure file transfers using HTTPS and the AS2 and AS3 protocols. When at rest, MOVEit uses our MOVEit Crypto cryptographic software to securely store data. MOVEit Crypto has been FIPS 140-2 validated by the US National Institute of Standards and Testing (NIST) and the Canadian Communications Security Establishment (CSE).

one solution illustration

Implement Strong Access Control Measures

MOVEit allows users to be designated as belonging to specified role with each role having an appropriate level of privilege. MOVEit Transfer also allows for the specific assignment of folder permissions, protocol access restrictions, IP address restrictions and other limited rights. Passwords and keys are encrypted using secure SSL/TLS and SSH2.

security and compliance illustration

Maintain a Vulnerability Management Program

MOVEit supports integration for external scanning of the files in transit to prevent infected files from being transferred. To maintain the security of all MOVEit products, Progress regularly posts security updates to the customer community.

security and compliance illustration

Regularly Monitor and Test Networks

MOVEit audit logging capabilities are among the most comprehensive offered by any managed file transfer products. Access to MOVEit audit records is controlled so that users can only see events that relate to their organization and/or the groups, users, folders and transfer tasks under their control.

Related Resources

solid white tilted background decoration

Ensure PCI-DSS Compliance with
MOVEit Managed File Transfer