PCI-DSS_3.2–2018 Changes

Introduction

Contents:

  • PCI-DSS 3.2 CHANGES ENFORCED IN 2018
  • PREPARATION TO BE EFFECTIVE FOR PCI-DSS 3.2 2018 CHANGES
  • CONCLUSION
  • HOW BRIKSINFOSEC HELPS YOU
  • CURIOUS TO READ OUR CASE STUDY
  • LAST BUT NOT THE LEAST

PCI-DSS 3.2 changes Enforces In 2018

  • There are many severe vulnerabilities in SSL and early TLS that were left unnoticed. This makes organisations at the risk of being breached. The widespread POODLE and BEAST exploits are just a couple of examples through which attackers can take advantage of weaknesses in SSL and early TLS to compromise organisation’s data.
  • There are no fixes or patches that can adequately repair SSL or early TLS (TLS1.0). Therefore, it is highly essential for organisations to upgrade to a secure alternative as soon as possible, and disable any fallback to both SSL and early TLS (TLS1.0).
  • Requirement 3.5.1 — Documented cryptographic architecture.
  • Requirement 10.8 -Detection and reporting of critical security controls failure.
  • Requirement 10.8.1 -Respond to failures of any critical security controls in a timely manner.
  • Requirement 11.3.4.1 — Six-month penetration testing of segmentation controls.
  • Requirement 12.4.1 — Assign responsibility for PCI-DSS compliance and create a PCI-DSS charter.
  • Requirement 12.11.a -Six-month management review of policy and process compliance.
  • Requirement 12.11.1 -Documentation of the six-month management review.

Preparations To Be Effectiv Fo PCI:DSS 3.2 2018 Changes

  • To apply the multi-factor authentication requirements.
  • To update your SSL and TLS 1.0 to the minimum new layer of protection.
  • Adhere to DESV requirements and rules, regarding displaying card numbers.
  • In performing regular penetration testing for crucial compliance and protection.

Conclusion

HOW BRISKINFOSEC HELPS YOU:

CURIOUS TO READ OUR CASE STUDY?

LAST BUT NOT THE LEAST:

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store