Entrust
Securing Digital Identities & Information

Entrust Solutions for Regulatory Compliance

The threat of sensitive personal information or critical data being stolen, lost or mishandled has led to a number of compliance standards, including the Payment Card Industry (PCI) Data Security Standard, Sarbanes-Oxley Public Company Accounting and Investor Protection Act (SOX), Red Flag Regulations (FACTA), the Health Insurance Portability and Accountability Act (HIPAA) and more.

Complying with these regulations may often feel overwhelming. Need information about a specific regulation? Consult the table below to learn how Entrust helps enable compliance of both government and industry regulations across the globe.

request_contact2

Find what you’re looking for? Then just click the appropriate solution link in the right-hand column to discover how painless compliance can be with the help of a trusted partner.


Red Flag Regulations (FACTA)




Description

  • Requires each financial institution, bank or creditor that stores consumer accounts to develop specialized identity theft prevention programs
  • Organizations were required to comply in November 2008
  • Applies to more than banks, including thrifts, mortgage lenders, credit unions, U.S. branches and agencies of foreign banks, U.S. commercial lending companies of foreign banks, creditors

Entrust Solution

Entrust Red Flag Solutions

Supporting Products:

Authentication:
Entrust IdentityGuard
Entrust Managed Services PKI
Entrust Authority PKI
Entrust Authority Optional Components

Fraud Detection:
Entrust TransactionGuard


FFIEC Guidance




Description

  • For banks offering Internet-based financial services, online bill presentment and other services via interactive voice response (IVR) systems, guidance describes enhanced authentication methods that regulators expect banks to use for online products and services
  • Financial institutions required to move past single-factor authentication for online transactions

Entrust Solution

Entrust FFIEC Solution

Supporting Products:

Authentication:
Entrust IdentityGuard

Fraud Detection:
Entrust TransactionGuard

Web Security:
Entrust SSL Digital Certificates


Payment Card Industry (PCI) Data Security Standard




Description

  • The PCI DSS requires organizations to implement a security strategy that will protect the stored data of individuals
  • Dictates that organizations must encrypt transmissions of cardholder data and sensitive information across public networks
  • Mandatory for all merchants or service providers that store, process or transmit cardholder data

Entrust Solution

Entrust PCI Solution

Supporting Products:

Authentication:
Entrust IdentityGuard

Network Folder Encryption:
Entrust Entelligence Group Share

Email Security:
Entrust Entelligence Messaging Server
Entrust Secure Email Certificates

Web Security:
Entrust SSL Digital Certificates


HSPD-12




Description

  • HSPD-12 mandated to establish more uniform standards for issuing government identity credentials
  • Applies to all government employees and contractors and governs physical (facility) and logical (systems) access
  • In 2005, the National Institute of Standards and Technology (NIST) issued FIPS 201 as required by HSPD-12

Entrust Solution

Entrust HSPD-12 Solution

Supporting Products:

Authentication:
Entrust Managed Services PKI SSP
Entrust Authority Optional Components


Sarbanes-Oxley Act (SOX)




Description

  • Legislation intended to help reform accounting practices, financial disclosures and corporate governance of public companies
  • Guidance suggests that organizations need to focus on reviewing the accuracy of financial information and the reliability of systems that generate it
  • Companies must demonstrate system and application integrity for tools used to generate financial reports

Entrust Solution

Entrust SOX Solutions

Supporting Products:

Authentication:
Entrust Authority PKI

Network Folder Encryption:
Entrust Entelligence Group Share

Email Security:
Entrust Entelligence Messaging Server
Entrust Secure Email Certificates

Single Sign On:
Entrust GetAccess
Entrust IdentityGuard


HIPAA




Description

  • Enacted by Congress in 1996, the Health Insurance Portability & Accountability Act seeks to protect the privacy and the security of health information
  • Calls for improved efficiency in healthcare delivery by standardizing electronic data interchange
  • Requires confidentiality and security of health data through setting and enforcing standards

Entrust Solution

Supporting Products:

Authentication:
Entrust Authority PKI
Entrust Managed Service PKI

Network Folder Encryption:
Entrust Entelligence Group Share

Email Security:
Entrust Entelligence Messaging Server
Entrust Secure Email Certificates


Gramm-Leach Bliley Act




Description

  • Also known as the Financial Modernization Act of 1999, the Gramm-Leach Bliley Act was created to protect sensitive consumer information stored and/or used by financial institutions
  • Gives authority to eight federal agencies and the states to administer and enforce the Financial Privacy Rule and the Safeguards Rule

Entrust Solution

Supporting Products:

Authentication:
Entrust IdentityGuard
Entrust Managed Service PKI

Email Security:
Entrust Entelligence Messaging Server
Entrust Secure Email Certificates

Web Security:
Entrust SSL Digital Certificates