The following are recommendations and information for the Protect Cardholder Data requirements.
Recommendations and Information for Requirement 3.1
Source system data should not be exposed directly to Omni-Gen for processing. Source data that resides in the client's existing infrastructure should be protected according to the client's existing needs. As data is presented (on-ramped) into Omni-Gen, the client should select which data is required for processing, and any sensitive data should be properly masked. The client is advised to limit the intermediate storage of data and to protect direct access to the data store.
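The selection and masking step described above can be sketched as a filter applied to each source record before it is on-ramped. This is an added example, not Omni-Gen code or an Omni-Gen API; the field names, the record layout, and the choice to keep at most the first six and last four digits of a card number (a common masking format) are assumptions.

```python
import re

# Assumed field names for a constructed source record; not an Omni-Gen schema.
REQUIRED_FIELDS = {"customer_id", "name", "card_number"}
PAN_FIELDS = {"card_number"}
PAN_RE = re.compile(r"^\d{13,19}$")


def luhn_ok(digits: str) -> bool:
    """Return True when the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(value: str) -> str:
    """Keep at most the first six and last four digits; mask the rest."""
    digits = re.sub(r"[ -]", "", value)
    if not PAN_RE.match(digits) or not luhn_ok(digits):
        # Unrecognised content in a PAN field is fully masked, never passed through.
        return "*" * len(value)
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def prepare_for_onramp(record: dict) -> dict:
    """Drop fields not selected for processing and mask PAN fields."""
    out = {}
    for key, value in record.items():
        if key not in REQUIRED_FIELDS:
            continue  # unselected fields (cvv, track data) are never forwarded
        out[key] = mask_pan(str(value)) if key in PAN_FIELDS else value
    return out


# Constructed sample record; 4111 1111 1111 1111 is a widely used test number.
SAMPLE = {
    "customer_id": 1001,
    "name": "A. Example",
    "card_number": "4111 1111 1111 1111",
    "cvv": "123",
    "track_data": "constructed-placeholder",
}

if __name__ == "__main__":
    print(prepare_for_onramp(SAMPLE))
```

The allowlist means a new sensitive column added to the source later is dropped by default instead of flowing into intermediate storage.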
Recommendations and Information for Requirements 3.2, 3.3, and 3.4
For critical and sensitive data at rest in the data store, the client is advised to follow the PCI compliance instructions specific to that data store (database or similar) to protect it from unintended access.
The client is advised to use the TLS role-based configuration for consumer-facing applications.