An audit to review PCI compliance at a large US-based transportation company revealed a number of file transfer problems that kept them from getting a passing grade. And with the PCI 3.1 “Business as Usual” mandate, the company’s auditors stressed the importance of achieving a state of continuous compliance.
Struggling with Scripts
The beleaguered IT team had been doing their best to automate file transfers between four data centers, and externally with their partners and vendors. They were spending too much time writing scripts and customizing firewalls and even had to purchase additional SFTP software. It took 2-3 weeks to create a single file transfer task. With more than 100 file transfer tasks each month, the IT team had way too much on their hands.
They knew they had to reframe how they secured and managed file transfers in order to meet PCI compliance and decided to implement MOVEit Transfer to exchange files between partners, customers, systems and users.
MOVEit Transfer establishes an audit trail to demonstrate compliance with SLAs and data protection regulations like PCI. It protects data in transit using SFTP and FTPS protocols with SSH, TLS and SSL encryption, and protects data at rest using AES 256 encryption.
Additionally, the company's IT team implemented MOVEit Automation to easily develop workflows without advanced programming skills. MOVEit Automation cut the time it took to create a file transfer from 2-3 weeks down to 6 business days.
With MOVEit Automation, the team simply makes copies of existing file transfer tasks and edits them, rather than create them from scratch. For multiple tasks with a single destination, they only have to set up the destination once using the host name, IP address and credentials.
Watch this short video to see how MOVEit Automation eliminates the need for scripts.
PCI Compliance Achieved
The company's auditors confirmed they are meeting PCI DSS 3.1 'Business as Usual' by achieving continuous compliance. Instead of searching through a bunch of SFTP servers the auditors are happy to see a complete listing of all PCI file transfers with a single click.
Watch our On-Deamand Webinar of MOVEit, and learn how we can help you to automate and secure your file transfers, and help do things like achieve PCI compliance in the process.