Archive for the ‘PCI DSS’ Category
PCI DSS & MySQL – Requirement 6
April 8th, 2010
Requirement 6 of PCI DSS v1.2 states that in order to be compliant, an organization must:
“Develop and maintain secure systems and applications”
“Unscrupulous individuals use security vulnerabilities to gain privileged access to systems. Many of these vulnerabilities are fixed by vendor-provided security patches, which must be installed by the entities that manage the systems. All [...]
PCI DSS & MySQL – Requirement 4
April 7th, 2010
Requirement 4 of PCI DSS v1.2 states that we must:
“Encrypt transmission of cardholder data across open, public networks”
Specifically, “Sensitive information must be encrypted during transmission over networks that are easily accessed by malicious individuals. Misconfigured wireless networks and vulnerabilities in legacy encryption and authentication protocols can be continued targets of malicious individuals who exploit these [...]
PCI DSS & MySQL: Requirement 3
April 7th, 2010
Requirement 3 of the PCI DSS v1.2 is:
“Protect Stored Cardholder Data”
As vague as that sounds, the PCI DSS enumerates exactly what that covers:
| Data Element | Storage Permitted | Protection Required | PCI DSS Req 3.4 |
|---|---|---|---|
| Primary Account Number | Yes | Yes | Yes |
| Cardholder Name* | Yes | Yes | No |
| Service Code* | Yes | Yes | No |
| Expiration Date* | Yes | Yes | No |
| Full Magnetic Stripe Data | No | N/A | N/A |
| CAV2/CVC2/CVV2/CID | No | N/A | N/A |
| PIN/PIN Block | No | N/A | N/A |
* These data elements must be protected if stored in conjunction with the PAN. This protection should be [...]
PCI DSS & MySQL – Requirement 2
April 6th, 2010
Requirement 2 of the PCI DSS v1.2 is:
“Do not use vendor-supplied defaults for system passwords and other security parameters”
Understanding that we’re limiting the discussion solely to MySQL (OS, Network Devices, and other software will no doubt apply to overall compliance), we can do this easily. The vendor-supplied default MySQL 5.1.43 credentials can be [...]