PCI Requirement 3.5.1 – Maintain a Documented Description of the Cryptographic Architecture
by Randy Bartels / July 28th, 2017
PCI Requirement 3.5.1 is an additional requirement that only applies to service providers. It requires that your organization, “Maintain a documented description of the…
PCI Requirement 3.5 – Protect Keys Used to Store Cardholder Data
by Randy Bartels / July 28th, 2017
If your organization is using encryption to render cardholder data unreadable, you must have a key management program in place. PCI Requirement 3.5 requires…
PCI Requirement 3.4.1 – Use of Disk Encryption
by Randy Bartels / July 28th, 2017
If your organization is going to use disk encryption as a means to render data unreadable, you need to comply with PCI Requirement 3.4.1.…
PCI Requirement 3.4 – Render PAN Unreadable Anywhere it is Stored
by Randy Bartels / July 28th, 2017
What is PCI Requirement 3.4? PCI Requirement 3.4 requires, “Render PAN unreadable anywhere it is stored (including on portable digital media, backup media, and…
PCI Requirement 3.3 – Mask PAN when Displayed
by Randy Bartels / July 28th, 2017
What is PCI Requirement 3.3? PCI Requirement 3.3 states, “Mask PAN when displayed (the first six and last four digits are the maximum number…