Category: PCI DSS Requirement 4
Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks
Strong cryptography provides significant assurance in preserving data confidentiality, integrity, and non-repudiation.
The PAN must be encrypted during transmission over untrusted and public networks as these can be easily accessed by malicious individuals. Because an entity stores, processes, or transmits cardholder data, any transmission of cardholder data over an organization’s internal network will naturally bring that network into PCI DSS scope. Any such networks must be checked against the PCI DSS requirements that are in place to ensure the protection of the underlying sensitive data.
Encrypting the data before it is transmitted, encrypting the session over which it is transmitted, or both can protect PAN transmissions. Strong cryptography should be used at both the data level and the session level, but it is not required.
In order to gain privileged access to cardholder data environments, malicious individuals continue to target wireless networks that may be misconfigured or vulnerabilities in legacy encryption and authentication protocols connected to the CDE.
F5
Accessing a comprehensive library of certified partner applications, F5 solution engineers can rapidly create a virtual environment simulating almost any…
- Location
- Seattle, WA Corporate HQ401 Elliott Avenue West Seattle, WA 98119-4017
- Rating
- Views
- 2837
Blue Coat
Cloud Encryption can be used within the Blue Coat Cloud Data Protection Gateway to protect data ? both at rest…
- Location
- Blue Coat Systems Inc.384 Santa Trinita Ave Sunnyvale, CA 94085
- Rating
- Views
- 3067
instantSSL
Instant SSL certificates are designed to secure a single-domain with the highest available levels of encryption and are trusted by…
- Location
- Comodo CA Ltd3rd Floor, 26 Office Village Exchange Quay, Trafford Road Salford, Manchester M5 3EQ
- Rating
- Views
- 3594
- Location
- CORPORATE OFFICE (UNITED STATES)DigiCert, Inc. 2600 West Executive Parkway Suite 500 Lehi, Utah 84043
- Rating
- Views
- 2976
Globalsign
GlobalSign is an identity services company providing cloud and on-premise IAM and PKI solutions for enterprises needing to conduct safe…
- Location
- Portsmouth, NH Two International Drive Suite 150, Portsmouth New Hampshire 03801
- Rating
- Views
- 3732
RapidSSL
RapidSSLonline.com is an internationally renowned enterprise and also one of the largest SSL providers in the world.
- Location
- 146 - Second Street North, Suite 201St. Petersburg, FL 33701
- Rating
- Views
- 2713
Thawte
Protect your business and translate trust to your customers with highassurance digital certificates from Thawte, the world?s first international specialist…
- Location
- Thawte Corporate OfficeThe Gateway Century Lane Century City, 7441 Cape Town South Africa
- Rating
- Views
- 2258