Portal | Manuals | References | Downloads | Info | Programs | JCLs | Master the Mainframes
IBM Mainframe Computers Forums Index
 
Register
 
IBM Mainframe Computers Forums Index Mainframe: Search IBM Mainframe Forum: FAQ Memberlist Usergroups Profile Log in to check your private messages Log in
 

 

PCI DSS 1.2 Requirement 3.4 best practice

 
Post new topic   Reply to topic    IBMMAINFRAMES.com Support Forums -> All Other Mainframe Topics
View previous topic :: :: View next topic  
Author Message
elmerv

New User


Joined: 13 Jul 2006
Posts: 3

PostPosted: Wed Sep 30, 2009 9:08 pm    Post subject: PCI DSS 1.2 Requirement 3.4 best practice
Reply with quote

Hello,

We are undergoing a review of our controls for PCI compliance. Requirement 3.4 specifies that PAN must be rendered unreadable wherever it is stored. So if the source VSAM dataset contains PANs, does this mean the VSAM dataset needs to be encrypted? Or is RACF enough compensating control to satisfy the PCI requirement? Or is there any other solution?

Thank you.

Bew
Back to top
View user's profile Send private message

Robert Sample

Global Moderator


Joined: 06 Jun 2008
Posts: 7995
Location: Bellevue, IA

PostPosted: Wed Sep 30, 2009 9:13 pm    Post subject:
Reply with quote

When we went through the PCI compliance process, it was determined that at a minimum the field had to be encrypted -- RACF access controls is not enough to meet the requirement. Data 21's ZIP-390 product, for one, supports field-level encryption and can be called from COBOL, SAS, PL/I, etc. I believe there are others that do this but I'm most familiar with ZIP-390.
Back to top
View user's profile Send private message
elmerv

New User


Joined: 13 Jul 2006
Posts: 3

PostPosted: Wed Sep 30, 2009 9:25 pm    Post subject: Reply to: PCI DSS 1.2 Requirement 3.4 best practice
Reply with quote

Thank you Robert. So we should be looking at encryption, then.
If you would be able to share, were there any performance issues
after implementing encryption?

Thanks.

Bew
Back to top
View user's profile Send private message
Robert Sample

Global Moderator


Joined: 06 Jun 2008
Posts: 7995
Location: Bellevue, IA

PostPosted: Wed Sep 30, 2009 9:45 pm    Post subject:
Reply with quote

No, no performance issues showed up since we did only the field, not the entire file.
Back to top
View user's profile Send private message
elmerv

New User


Joined: 13 Jul 2006
Posts: 3

PostPosted: Wed Sep 30, 2009 10:03 pm    Post subject: Reply to: PCI DSS 1.2 Requirement 3.4 best practice
Reply with quote

I'll advise them to look into encryption.

Appreciate your input.

Thanks.

Bew
Back to top
View user's profile Send private message
View previous topic :: :: View next topic  
Post new topic   Reply to topic    IBMMAINFRAMES.com Support Forums -> All Other Mainframe Topics All times are GMT + 6 Hours
Page 1 of 1

 

Search our Forum:

Similar Topics
Topic Author Forum Replies Posted
No new posts SORT requirement sjiraga COBOL Programming 6 Thu Mar 09, 2017 9:11 pm
This topic is locked: you cannot edit posts or make replies. Mainframe Developer requirement in Ku... capricorn Mainframe Jobs 0 Sun Oct 23, 2016 3:49 pm
No new posts Cards mainframe developer requirement... capricorn Mainframe Jobs 0 Sun Sep 11, 2016 9:57 am
This topic is locked: you cannot edit posts or make replies. Urgent Requirement in CTS Chennai. Mahi_e Mainframe Jobs 0 Wed Feb 17, 2016 3:52 pm
This topic is locked: you cannot edit posts or make replies. IBM SYSTEM PROGRAMMER REQUIREMENT mjadwani2785 Mainframe Jobs 0 Thu Nov 05, 2015 5:41 pm


Facebook
Back to Top
 
Mainframe Wiki | Forum Rules | Bookmarks | Subscriptions | FAQ | Tutorials | Contact Us