Globalscape PCI Compliance Checklist: Set Your GRC Benchmark

We all know about Governance, Risk and Compliance, or GRC, but how does that relate to secure file transfer?

First and foremost, there is risk in moving data around networks, and there may also be regulatory compliance to deal with. In recent years we have seen both private and public sector governing bodies begin to tighten the reins when it comes to data protection. Payment card industry violations can result in significant penalties, and in the UK the Information Commissioner's Office has the ability to levy significant fines. Recently the EU has proposed regulations that would fine organizations and base the fines on a percentage of the organization's global turnover. There are so many acronyms thrown around these days that it's hard to keep up: SOX, DPA, GDPR, HIPAA, PIPEDA, HITECH, COCO, PCI-DSS, and the list goes on and on.

So how can a managed file transfer system really help an organization reduce risk and comply with mandates?

Essentially, a good Managed File Transfer (MFT) platform can provide controls to help govern the risk and compliance aspects of data in motion and data at rest.

The Globalscape PCI Compliance Checklist as Your Compliance Benchmark

Globalscape’s MFT platform, known as Enhanced File Transfer (EFT), includes a number of features that can provide these controls. For example, if we take the Payment Card Industry Data Security Standard (PCI-DSS) and look at the features provided by EFT, we find technical controls provided by the software that map directly to the PCI specifications. This approach can really help the people in an organization who are responsible for mitigating risk and complying with mandates. Unlike some mandates, the PCI-DSS specification is spelled out and clearly defined. Globalscape provides documentation that shows how the EFT features map directly to the PCI-DSS specification, which effectively acts as a PCI compliance checklist. Because electronic data security is similar across the regulatory compliance landscape, using the PCI-DSS specification is a good baseline.

Download the Globalscape PCI Compliance White Paper

You can download the following white paper, which sheds more light on the data security features provided by the Enhanced File Transfer platform:

WEBINAR: Governance, Risk and Compliance: Do Your Data Transfers, Policies & Practices Meet Your Regulatory Obligations?


On Demand Webinar

It doesn’t matter which industry you are in, or how small your business is – you must comply with regulatory directives concerning data.

Various directives are used to keep data about your business, your customers and your partners safe – think PCI-DSS, FIPS 140-2, HIPAA, SOX, the UK Data Protection Act and regulation enforced by the Information Commissioner’s Office. These standards can be hard to meet, and even once you have achieved compliance through your data security and internal policies, regulations change and evolve.

The simple fact is that the way you transfer data in and out of your business must be compliant. Globalscape’s industry-leading Managed File Transfer solution helps you to achieve file transfer compliance whilst meeting your governance, risk and security objectives, both now and as regulations change.

In this webinar you will learn:

  • About the risks of data in motion and how to mitigate these risks
  • How to reduce exposure in the DMZ
  • What Managed File Transfer is, and how a Globalscape MFT solution can solve issues surrounding Governance, Risk, Security and Compliance with features such as Centralised Management, Encryption, Auditing, Logging, Visibility, Automation, Integration, High Availability and more
  • How Globalscape EFT Server allows administrators to run quick and easy Compliance Reports
  • Customer Case Study: How one enterprise uses Globalscape EFT Server and Mail Express Person-2-Person File Transfer to protect their data and ensure compliance


