Security Basics mailing list archives
RE: PCI, EFS and the future?
From: "7thangel" <7thangel () powernet co uk>
Date: Tue, 20 Feb 2007 09:52:12 GMT
Hi Guys, sorry for the late input on this one, but with regards to PCI compliance I would recommend looking at the Cyber-Ark Vaulting solution as it cover many of the issues raised with this compliance standard along with the others and are already the largest player in this market space. www.cyber-ark.com Regards, Paul
3.4.1 If disk encryption is used (rather than file- orcolumn-level >Database encryption), logical access must be managed >independently of native operating system access control >mechanisms (for example, by not using local system or Active >Directory accounts).Decryption keys must not be tied to user accounts. The wording suggests this applies to databases. Not fileservers. How does it suggest that? This is about encrypting data, not the containers data might be found in. Dan This message has been comprehensively scanned for viruses, please visit http://www.avg.power.net.uk/ for details.
Current thread:
- RE: PCI, EFS and the future?, (continued)
- RE: PCI, EFS and the future? Gressick, Michael (Feb 07)
- RE: PCI, EFS and the future? dave kleiman (Feb 05)
- Message not available
- RE: PCI, EFS and the future? Nick Vaernhoej (Feb 05)
- RE: PCI, EFS and the future? Dan Anderson (Feb 19)
- RE: PCI, EFS and the future? Nick Vaernhoej (Feb 05)
- Re: PCI, EFS and the future? Nick Vaernhoej (Feb 05)
- Re: PCI, EFS and the future? Craig Wright (Feb 06)
- Re: PCI, EFS and the future? Sean Waddell (Feb 06)
- Re: PCI, EFS and the future? Saqib Ali (Feb 07)
- CastleCops 5-Year Anniversary and Contest dave kleiman (Feb 08)
- Re: PCI, EFS and the future? Sean Waddell (Feb 06)
- RE: PCI, EFS and the future? Dan Anderson (Feb 19)