If you are talking about PCI Compliance: Our solution is to offload the
sensitive data to a secure Service Provider and only retain "tokens" on your
system. PCI compliance for credit card data requires a ton more to do
beyond the basic encryption. Key management, key storage, encryption
validation, access logging, and more. The Best Practices require security
for the STORAGE, and also the PROCESSING (handling or touching) and
TRANSMISSION. Review the PCI SAQ "D" or the Data Security Standard for
details:
https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf
https://www.pcisecuritystandards.org/documents/PCI-DSS-v3_2_1-SAQ-D_Merchant
.pdf
Ira Chandler, PCI QIR
CTO, Curbstone Corporation
Support:
https://curb911.com
Urgent Support: 888-844-8533
Ask me how you can save money on your card processing fees!
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxxxxxxxx] On Behalf Of
iseriesstuff@xxxxxxxxx
Sent: Tuesday, November 19, 2019 2:27 PM
To: 'Midrange Systems Technical Discussion'
Subject: encryption
We are working on compliance and I've been asked if the iseries drive can be
encrypted.
Can someone provide feedback on the best way of encrypting data on the
iseries? We have a power8 on 7.3.
Thanks.
As an Amazon Associate we earn from qualifying purchases.