Which certifications and compliance standards does EFT Server maintain and support?


EFT Server maintains/supports the following certifications and compliance standards:

  • FIPS 140-2 compliant SSH and SSL cryptographic module; independently certified as meeting U.S. NIST FIPS 140-2 security standards
  • PCI DSS 2.0 compliant; including inline PCI DSS compliance validation and reporting
  • Adherence to OWASP security standards for password reset and username retrieval
  • RSA certified; Secured by RSA® Certified Partner (v6.3 and later) 
  • Microsoft "Works with Windows Server 2008 R2" certified
  • Drummond-Certified AS2 library (certified under IP*Works)
  • IPv6 compliance in accordance with RFC 2460, 2428, and others (v6.4 and later)
  • OpenPGP compliance in accordance with RFC 2440
  • FTP/S, SFTP, and HTTP/S in accordance with numerous RFCs