PCI is a set of collaborative security requirements for the protection of credit card transactions and cardholder data for all brands. This paper will review DB2 solutions that are compliant to the requirements for data at rest encryption in the PCI Data Security Standard and are based on a design that also provides separation of duties, audit, and central key management. The PCI standard incorporates sound and necessary security practices, such as encryption, continuous data access monitoring and control; assessments; auditing and implementation of comprehensive key management processes and procedures for keys used for encryption of cardholder data.
Did you find this white paper useful?
3 out of 4 users found this white paper useful
Related white papers
Security Compliance - Separating FUD From Reality, Part One: Sarbanes-Oxley
Information security is no longer just a good idea; thanks to legislation such as Sarbanes-Oxley, it's now a mandate. SOX requires new attention to security as part of a risk...
Reduce the Risk of Costly Data Breaches: Three Pillars of Data Protection
There are numerous regulations that govern the protection of private, personal and confidential data regardless of whether the data resides on a secure mainframe computer, desktop PC or mobile device...
Attacks and Countermeasures: A Study of Network Attack Classes and Security Components to Protect Against Them
There are many types of network attacks, and security solutions to address almost all of them. Most attack types fall into three major categories: attacks on integrity, attacks on confidentiality...
Security of the WEP Algorithm
The 802.11 standard describes the communication that occurs in wireless local area networks (LANs). The Wired Equivalent Privacy (WEP) algorithm is used to protect wireless communication from eavesdropping. A secondary...
Computer Security Policy: An Introduction to Computer Security
Some organizations issue overall computer security manuals, regulations, handbooks, or similar documents. These may mix policy, guidelines, standards, and procedures, since they are closely linked. While manuals and regulations can...
Gain a clear understanding of your organization's security posture -- then act decisively to improve it
Threats to your organization's IT security occur daily and evolve constantly. In fact, virtually every organization has a "security gap" between its current protection level and the level where it...
Gene Kim Presents "Surviving and Benefiting from an Audit" with Craig Morgan, Partner KPMG
An audit is a necessary and often painful event for many companies. As difficult as it is to imagine, it is possible to benefit from an audit. By understanding the...
