Financial Transaction Manager security
Security standards are intended to help you protect personally identifiable information (PII) and sensitive personal information (SPI). Depending on the types of data you process and the countries that you operate in, multiple standards might apply.
- International Organization for Standardization (ISO) 27002 standard
- Federal Information Security Management Act (FISMA)
- National Institute of Standards and Technology - NIST 800-53a
- Federal Financial Institutions Examination Council (FFIEC)
- Payment Card Industry (PCI)
- General Data Protection Regulation (GDPR)
- Your own internal standards
Because of the complexity and overlapping areas of the different standards, no direct mapping between a specific standard and this security information for Financial Transaction Manager exists. This security information relates to components and features of Financial Transaction Manager, such as the Operations and Administration Console. It also relates to other security concerns that might affect Financial Transaction Manager, such as WebSphere® Application Server security. Other areas that are not related to Financial Transaction Manager, such as security incident response processes or physical environmental security, are not included in this information.
- Access control
  - Access control involves authentication and authorization.
- Infrastructure
  - Infrastructure includes securing the middleware and the communications.
- Data storage
  - Data storage includes protecting the data in the database and on the file system.
- Monitoring
  - Monitoring is a way to ensure that your security is working. You might want to monitor the audit, system, and component logs.
The following topics first provide an overview of personal information in Financial Transaction Manager and of each of the high-level categories. The overview topics are followed by topics about the security information for the different middleware and components that are used by Financial Transaction Manager.