Secure Remote Access
iTivity provides remote support and remote access mechanisms that support compliance with the payment card industry data security standard or PCI DSS. iTivity delivers strong encryption, authentication and event tracking that are part of the PCI data security requirements. iTivity customers benefit from secure remote access to POS and other retail computers while maintaining PCI compliance.
When properly configured, iTivity can help you become and stay compliant with many PCI DSS requirements.
- Requirement 1: Install and maintain a firewall configuration to protect cardholder data
iTivity enables secure outbound connections from retail POS systems across the firewall. There is no need to accept any inbound Internet connections at all.
- Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
iTivity leverages platform authentication mechanisms to ensure consistent security policy. Encryption and authentication settings are highly configurable in iTivity.
- Requirement 3: Protect stored cardholder data
Whether cardholder data is stored on POS systems or centralized servers, iTivity provides precise, secure access to authorized users only.
- Requirement 4: Encrypt transmission of cardholder data across open, public networks
All data transmission in iTivity is encrypted using the TLS/SSLv3 protocol. AES symmetric encryption with 2048 bit RSA key exchange provide strong security over all network connections.
- Requirement 5: Use and regularly update anti-virus software
iTivity is compatible with all of the major anti-virus and security packages.
- Requirement 6: Develop and maintain secure systems and applications
iTivity combines industry standard encryption with operating system or platform authentication and authorization to deliver secure and auditable remote access and control.
- Requirement 7: Restrict access to cardholder data by business need-to-know
iTivity encourages privilege segmentation through system access based on security groups. Each POS system and server can be assigned to different access groups. Each employee can be assigned to different access groups.
- Requirement 8: Assign a unique ID to each person with computer access
All system access in iTivity is based on operating system user accounts. Thorough integration with active directory and PAM encourages unique accounts for each employee.
- Requirement 9: Restrict physical access to cardholder data
Improved remote access by authorized users via iTivity limits the need to make physical access available.
- Requirement 10: Track and monitor all access to network resources and cardholder data
The iTivity iServer generates an activity log showing the time and data of all system access along with the authorized user ID.
iTivity remote access software supports many retail server and POS platforms, including IBM AIX, RedHat Linux (among others), Windows XP Embedded, Vista, 2003 Server, 2008 Server, HP-UX, Oracle Solaris and SCO.