Author Topic: PCI Security in OnDemand  (Read 2515 times)

rstockton

  • Guest
PCI Security in OnDemand
« on: June 11, 2014, 08:23:35 AM »
Is anyone doing anything with OnDemand to encrypt or use other methods to secure PCI information?



Thanks,
Russell

Justin Derrick

  • IBM Content Manager OnDemand Consultant
  • Administrator
  • Hero Member
  • Posts: 2231
  • CMOD Guru for hire...
Re: PCI Security in OnDemand
« Reply #1 on: June 12, 2014, 04:34:53 AM »
Years ago, IBM bought Vormetric. 

Neither CMOD, DB2, nor TSM supports encryption of data (although tape drives that support encryption are compatible with TSM), so it's up to something at the operating system layer -- that something is Vormetric, although I don't know what IBM is calling it today.

-JD.
IBM CMOD Professional Services: http://TenaciousConsulting.com
Call:  +1-866-533-7742  or  eMail:  jd@justinderrick.com
IBM CMOD Wiki:  https://CMOD.wiki/
FREE IBM CMOD Education & Webinars:  https://CMOD.Training/

Interests: #AIX #Linux #Multiplatforms #DB2 #TSM #SP #Performance #Security #Audits #Customizing #Availability #HA #DR

rstockton

  • Guest
Re: PCI Security in OnDemand
« Reply #2 on: June 12, 2014, 05:34:53 AM »
Thanks Justin.

Mike

  • Newbie
  • Posts: 6
Re: PCI Security in OnDemand
« Reply #3 on: June 26, 2014, 03:56:43 PM »
We're undergoing a project for it right now, and essentially each vendor has a bunch of products that they can throw at it and still have gaps, but there seems to be no one button fix.

That being said, I think TSM does have encryption in V6 now, but we're just going to encrypt the source data since TSM doesn't really care what you send it.

ewirtz

  • Full Member
  • Posts: 134
Re: PCI Security in OnDemand
« Reply #4 on: June 30, 2014, 12:17:07 AM »
Hi Mike,
for PCI it's not required to encrypt everything. It's enough to mask the credit card numbers with tokens in your documents. Additionally you need an encrypted table, which allows you to get the credit card number for a given token and the token for a given credit card number. By this technique you can do nearly everything with your documents without doing any encryption / decryption. Only if you need the original card number you need to decrypt the token. This technique is a general approach that works as well in IT in general.

regards

Egon
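
The token-and-lookup-table approach described in Reply #4, sketched as an added example that is not part of the original thread and is not CMOD or IBM code: card numbers in a document are replaced with random tokens before the document is stored, and a vault maps in both directions. `TokenVault`, `tokenize_document` and the sample text are hypothetical names and constructed data; the vault here is an in-memory dictionary, where a real one would be the encrypted table the post calls for.

```python
import hashlib, hmac, re, secrets

# 13-19 digits, optionally grouped with single spaces or dashes
PAN_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def luhn_ok(digits):
    """Luhn checksum, used to skip digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

class TokenVault:
    """Hypothetical stand-in for the token table, held in memory.
    Assumption: a real vault stores the PAN column encrypted at rest."""
    def __init__(self, index_key):
        self._index_key = index_key
        self._pan_by_token = {}    # token -> card number
        self._token_by_index = {}  # HMAC(card number) -> token

    def _index(self, pan):
        # Keyed hash so the card -> token lookup needs no plaintext key column
        return hmac.new(self._index_key, pan.encode(), hashlib.sha256).hexdigest()

    def tokenize(self, pan):
        idx = self._index(pan)
        if idx not in self._token_by_index:
            token = "TOK" + secrets.token_hex(8)  # random, not derived from the PAN
            self._token_by_index[idx] = token
            self._pan_by_token[token] = pan
        return self._token_by_index[idx]

    def detokenize(self, token):
        return self._pan_by_token[token]

def tokenize_document(text, vault):
    """Replace every Luhn-valid card number in text with its token."""
    def repl(match):
        digits = re.sub(r"\D", "", match.group())
        return vault.tokenize(digits) if luhn_ok(digits) else match.group()
    return PAN_RE.sub(repl, text)

# Constructed sample; 4111111111111111 is a widely used test card number
SAMPLE = "Card: 4111 1111 1111 1111\nRef: 1234567890123\nRepeat card 4111111111111111\n"

if __name__ == "__main__":
    vault = TokenVault(secrets.token_bytes(32))
    print(tokenize_document(SAMPLE, vault))
```

The same card number always yields the same token, so searches and joins on the tokenized documents still work, and only `detokenize` touches the real number.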