PCIDSS.COM - PCI DSS Security Solutions Directory

Category: PCI DSS Requirement 4

Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks

Strong cryptography provides significant assurance in preserving data confidentiality, integrity, and non-repudiation.

The PAN must be encrypted during transmission over untrusted and public networks as these can be easily accessed by malicious individuals. Because an entity stores, processes, or transmits cardholder data, any transmission of cardholder data over an organization’s internal network will naturally bring that network into PCI DSS scope. Any such networks must be checked against the PCI DSS requirements that are in place to ensure the protection of the underlying sensitive data.

Encrypting the data before it is transmitted, encrypting the session over which it is transmitted, or both can protect PAN transmissions. Strong cryptography should be used at both the data level and the session level, but it is not required.

In order to gain privileged access to cardholder data environments, malicious individuals continue to target wireless networks that may be misconfigured or vulnerabilities in legacy encryption and authentication protocols connected to the CDE.

PCI Solution Provider

F5

Accessing a comprehensive library of certified partner applications, F5 solution engineers can rapidly create a virtual environment simulating almost any…

Read More

PCI Solution Provider

Blue Coat

Cloud Encryption can be used within the Blue Coat Cloud Data Protection Gateway to protect data ? both at rest…

Read More

PCI Solution Provider

Godaddy

GoDaddy provides SSL certificates to protect websites.

Read More

Location
Cape Town
Rating
0 / 5
Views
3758
PCI Solution Provider

instantSSL

Instant SSL certificates are designed to secure a single-domain with the highest available levels of encryption and are trusted by…

Read More

PCI Solution Provider

DigiCert

DigiCert sells trusted SSL certificates.

Read More

PCI Solution Provider

Globalsign

GlobalSign is an identity services company providing cloud and on-premise IAM and PKI solutions for enterprises needing to conduct safe…

Read More

PCI Solution Provider

RapidSSL

RapidSSLonline.com is an internationally renowned enterprise and also one of the largest SSL providers in the world.

Read More

PCI Solution Provider

Thawte

Protect your business and translate trust to your customers with highassurance digital certificates from Thawte, the world?s first international specialist…

Read More