PCI Data Security Compliance
- Ensuring that clear-text account data is never accessible
- Rendering primary account numbers (PAN) unreadable via encryption, tokenization or other forms of obfuscation
- Securing encryption keys from misuse and establishing separation of admin duties and key control
Acceptable methods for rendering data unreadable are defined as:
- One-way hash functions based on strong cryptography, that display only index data pointing to records in the database where sensitive data actually resides.
- Truncation – removing a critical segment of field data, such as showing only the last four digits.
- Index tokens and securely stored pads – encryption algorithms that combine sensitive plaintext data with a random key or “pad” that works only once.
- Strong cryptography – with associated key management processes and procedures. (Refer to the PCI DSS and PA-DSS Glossary of Terms, Abbreviations, and Acronyms for the full definition of “strong cryptography.”)
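As an added example, not part of this page or of CipherCloud's product, the following Python applies two of the methods above (truncation to the last four digits, and a one-way keyed hash used as an index token) to a constructed test PAN. The HMAC key, the Luhn pre-check, and the in-memory dict standing in for the separately secured record store are assumptions, not something the page specifies.

```python
import hmac
import hashlib


def luhn_valid(pan: str) -> bool:
    """Luhn check, so obviously malformed input is rejected before it is stored anywhere."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def truncate_pan(pan: str) -> str:
    """Truncation: only the last four digits survive; the rest is discarded, not masked."""
    return pan[-4:]


def index_token(pan: str, key: bytes) -> str:
    """One-way index token. Assumption: HMAC-SHA256 under a secret key, because the PAN
    space is small (13-19 Luhn-constrained digits), so an unkeyed hash of a PAN could be
    recovered by exhaustive guessing."""
    return hmac.new(key, pan.encode("ascii"), hashlib.sha256).hexdigest()


def store_record(pan: str, key: bytes, vault: dict) -> dict:
    """Return the row an in-scope application database would hold: token + last four,
    never the clear-text PAN. `vault` stands in for the separately secured store the
    token indexes into (assumption)."""
    if not (pan.isdigit() and 13 <= len(pan) <= 19 and luhn_valid(pan)):
        raise ValueError("not a plausible PAN")
    token = index_token(pan, key)
    vault.setdefault(token, pan)
    return {"token": token, "last4": truncate_pan(pan)}


if __name__ == "__main__":
    # Constructed inputs: a well-known test PAN and a fixed demo key (never reuse in practice).
    demo_key = b"demo-key-0123456789abcdef"
    secure_store: dict = {}
    row = store_record("4111111111111111", demo_key, secure_store)
    print(row)
```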
Breach Notification Requirements and Exemptions
CipherCloud Helps PCI Compliance with:
- Strong encryption and tokenization for cloud data, meeting GDPR standards for data protection
- Encryption keys controlled exclusively by customers, meeting “pseudonymization” requirements
- Exemption from breach notification requirements by effectively anonymizing data
- Technology specifically called for to meet Privacy by Design and Default principles
- Dramatic reduction in audit scope by removing data exposure to cloud providers