PCIDSS.COM - PCI DSS Security Solutions Directory

Category: PCI DSS Requirement 3

Protect Stored Account Data

 Account data protection relies heavily on safeguards like encryption, truncation, masking, and hashing (one-way encryption). Without the appropriate cryptographic keys, encrypted account data can’t be read or used by an attacker who subverts other security measures and successfully gains access to it, typically with malicious intent. As potential risk-mitigation opportunities, additional efficient methods of protecting stored data should also be taken into consideration. Examples of further risk mitigation include: avoiding sending unprotected Primary Account Numbers (PANs) via end-user messaging technologies like e-mail and instant messaging, and truncating cardholder data if a full PAN is not required.

Encrypting account data is not necessary if it is stored in non-persistent memory, such as RAM or volatile memory. To keep memory in a non-persistent state, however, proper controls must be in place as access to these critical systems may allow attackers to dump the contents of memory potentially containing cleartext sensitive cardholder data. When the business purpose (for example, the associated transaction) has concluded, sensitive data should be removed from volatile memory.

All applicable PCI DSS Requirements, including encryption of stored data, will apply if data storage becomes persistent. i.e. stored at rest.

PCI Solution Provider

Database Firewall

Oracle Audit Vault and Database Firewall provides a first line of defense for databases and consolidates audit data from databases,…

Read More

Location
Global PCI DSS Solutions
Rating
0 / 5
Views
4571
PCI Solution Provider

Thales

By joining together with technology partners to offer robust data-at-rest encryption solutions, Thales key management products enable enterprises to achieve…

Read More

PCI Solution Provider

Vormetric

The Vormetric Data Security Platform provides data protection products to secure and control enterprise data at rest. Vormetric (@Vormetric) is…

Read More

Location
2545 N. 1st Street, San Jose, CA 95131United States
Rating
0 / 5
Views
2474
PCI Solution Provider

Endpoint Protector

As a full Data Loss Prevention (DLP) and Mobile Device Management (MDM) product available for Windows, Mac OS X and…

Read More

PCI Solution Provider

Code Green Networks

Code Green Networks TrueDLP? for Retail provides a complete set of easy to manage data loss prevention tools

Read More

PCI Solution Provider

Forcepoint DLP

Stop Data Loss and Theft, Demonstrate Compliance, and Safeguard Brand, Reputation, and Intellectual Property. The Forcepoint? DLP Module enables you…

Read More

PCI Solution Provider

comForte PANfinder

comForte develops, markets, and supports proven and innovative modernization, middleware, connectivity, and security solutions for users of HP NonStop systems.…

Read More

Location
Global PCI DSS Solutions
Rating
0 / 5
Views
2340
PCI Solution Provider

Identity Finder

Identity Finder, LLC, based in New York, NY, is the leader in sensitive data management. Its security and privacy technologies…

Read More

Location
1776 Broadway, Suite 803, New York, NY 10019 USA
Rating
0 / 5
Views
2360
PCI Solution Provider

Groundlabs CardRecon

Card Recon is a PCI Compliance Cardholder Data Discovery tool for searching emails, databases, documents and more. Card Recon scans…

Read More

Location
Global PCI DSS Solutions
Rating
0 / 5
Views
2737