Requirement 3 – Resources

Requirement 3: Protect stored cardholder data

Card contents stored on network
As per scoping, use tools to find credit cards on network

Data Rentention Policy for PCI
http://vpf.mit.edu/site/content/download/11924/50757/file/MITPCISecurityPolicy.pdf

Cryptography and key management – HSM information
– https://wiki.opendnssec.org/display/DOCREF/HSM+Buyers%27+Guide
– https://www.thales-esecurity.com/products-and-services/products-and-services/hardware-security-modules/general-purpose-hsms/nshield-solo
– http://security.stackexchange.com/questions/36664/criteria-for-selecting-an-hsm

PKI design for PCI compliance
– http://social.technet.microsoft.com/Forums/windowsserver/en-US/0dfd74c7-5b18-4939-b147-350250f92ee2/pki-design-for-pci-compliancy?forum=winserversecurity

Secure USB
Many sites, e.g. http://secureusb.com.au/

Posted in Resources.