PCI DSS Requirement 4

PCI DSS Requirement 4: Encrypt transmission of cardholder data across open, public networks



Requirements Addressed
4.1 Use strong cryptography and security protocols such as TLS or IPsec to safeguard sensitive cardholder data during transmission over open, public networks.
4.2 Never send unencrypted PANs by end-user messaging technologies (for example, e-mail, instant messaging, chat).
 


Solution Features  

> Secure emails that contain sensitive information using encryption. Enforce both incoming and outgoing Transport Layer Security (TLS) encryption and certificate verification for connections with email relays on the internet.


> Automatically enforce policies: block emails containing unencrypted sensitive data from leaving the organisation (for Lotus Domino or Microsoft Exchange).


> Encrypt sensitive data as it leaves the organisation via email.

> Encrypt sensitive files on network file shares, end-to-end.

> Encryption (128-bit+): required for transmission of cardholder data.

> Use strong cryptography and security protocols (for example, TLS, IPSec, SSH, etc.) to safeguard sensitive cardholder data during transmission over open, public networks.

> Apply transparent encryption.

> WAF (Web Application Firewall) can perform encryption on one or both sides of the network, while decrypting and inspecting traffic internally.

  • Specific items of data, e.g. cookies or passwords, can be selectively encrypted.
  • Transparently encrypt and authenticate all client-side cookies used by an application.




