Benchmark: Requirement 4: Encrypt transmission of cardholder data across open, public networks

Description

Similar to requirement 3, in this requirement, you must secure the card data when it is transmitted over an open or public network (e.g. Internet, 802.11, Bluetooth, GSM, CDMA, GPRS). You must know where you are going to send/receive the card data to/from. Majorly, the card data is transmitted to the payment gateway, processor, etc. for processing transactions. Cybercriminals can potentially access cardholder data when it’s transmitted across public networks. Encrypting cardholder data prior to transmitting using a secure version of transmission protocols such as TLS, SSH, etc. can limit the likelihood of such data getting compromised.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-gcp-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select Requirement 4: Encrypt transmission of cardholder data across open, public networks.

Run this benchmark in your terminal:

powerpipe benchmark run gcp_compliance.benchmark.pci_dss_v321_requirement_4

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run gcp_compliance.benchmark.pci_dss_v321_requirement_4 --share

Benchmarks

4.1 Use strong cryptography and security protocols to safeguard sensitive cardholder data during transmission over open, public networks

Benchmark: Requirement 4: Encrypt transmission of cardholder data across open, public networks

Description

Usage

Benchmarks

Tags