Re: PCI-DSS Requirements - Mailing list pgsql-general

From Inzamam Shafiq
Subject Re: PCI-DSS Requirements
Date
Msg-id AM9P251MB03305BD42D448571714000AF984E9@AM9P251MB0330.EURP251.PROD.OUTLOOK.COM
Whole thread Raw
In response to Re: PCI-DSS Requirements  (Ron <ronljohnsonjr@gmail.com>)
Responses Re: PCI-DSS Requirements
Re: PCI-DSS Requirements
List pgsql-general
Hi Ron,

Thank you for the response.

Actually we are in a starting phase and I have done instance level encryption (CYBERTECH TDE Patch) but if someone take dump and restore it on another server the data get restored successfully. Also the problem is that the data is in plain text.

So I want to ask if disk or instance level encryption useful or we should focus on column level encryption?

Also if any error occurred during DML and a plain query will be written into the logs which may not be compliant with PCI. How to overcome that?

Thanks.

Regards,

Inzamam Shafiq
Sr. DBA

From: Ron <ronljohnsonjr@gmail.com>
Sent: Tuesday, September 20, 2022 10:44 PM
To: pgsql-general@lists.postgresql.org <pgsql-general@lists.postgresql.org>
Subject: Re: PCI-DSS Requirements
 
On 9/20/22 04:27, Inzamam Shafiq wrote:

Hi Team,


Anyone on PCI-DSS requirements for PostgreSQL DB, need help for some of the points.


Can you be more specific?  (Typically. the auditors or the "audit pre-check" team will ask for a bunch of details on how your instance is configured.)

The usual questions I get are:
- What password hash algorithm is used?
- How frequently to passwords expire?
- Is SSL used when communicating with applications?

--
Angular momentum makes the world go 'round.

pgsql-general by date:

Previous
From: Inzamam Shafiq
Date:
Subject: pgbackrest Help Required
Next
From: YangYuping(杨瑜萍)
Date:
Subject: ECCN for PostgreSQL