Requirement 4 – Resources

Requirement 4: Encrypt transmission of cardholder data across open, public networks

Buy server certificates
– www.thawte.com/
– www.verisign.com.au
– www.digicert.com/

Configure web servers to only use strong encryption
– http://httpd.apache.org/docs/current/ssl/ssl_howto.html
– http://technet.microsoft.com/en-us/library/cc962039.aspx
– https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet

Ensure that your servers are not vulnerable to Heartbleed
– https://lastpass.com/heartbleed/
– tif.mcafee.com/heartbleedtest
– safeweb.norton.com/heartbleed

Do not use cleartext protocols
– Remove the use of Telnet and FTP. Use SSH and SFTP.

Wireless security
– Do not use WEP. Use WPA2 with a strong passphrase. Consider using MAC filtering.
