PCI DSS and GoAnywhere Gateway
GoAnywhere Gateway es un componente de seguridad importante para la protección de datos de tarjetas y ayuda a las empresas a cumplir con los estándares de seguridad PCI DSS. Al permitir que los datos sensibles y credenciales permanezcan fuera de la zona DMZ y no requerir la apertura de puertos de entrda a la red interna, GoAnywhere Gateway es especialment útil para cumplir con los requisitos de la norma PCI DSS Sección 1.3 of the (texto orginal).
1.3 | Prohibit direct public access between the Internet and any system component in the cardholder data environment. |
1.3.1 | Implement a DMZ to limit inbound traffic to only system components that provide authorized publicly accessible services, protocols, and ports. |
1.3.2 | Limit inbound Internet traffic to IP addresses within the DMZ. |
1.3.3 | Do not allow any direct connections inbound or outbound for traffic between the Internet and the cardholder data environment. |
1.3.4 | Do not allow internal addresses to pass from the Internet into the DMZ. |
1.3.5 | Do not allow unauthorized outbound traffic from the cardholder data environment to the Internet. |
1.3.6 | Implement stateful inspection, also known as dynamic packet filtering. (That is, only "established" connections are allowed into the network.) |
1.3.7 | Place system components that store cardholder data (such as a database) in an internal network zone, segregated from the DMZ and other untrusted networks. |
1.3.8 |
Do not disclose private IP addresses and routing information to unauthorized parties. Note:
Methods to obscure IP addressing may include, but are not limited to:
|
Linoma Software es una entidad que participa en el " Payment Card Industry Security Standards Council" (PCI SSC). Como miembro, Linoma Software recibe formación y continua revisión de los estándares existentes o futuras mejoras directamente de PCI SSC.
Linoma Software está comprometida con la protección de la información personal identificable y de tarjetas de pago tanto en movimiento como en su almacenamiento a través de la encriptación, gestión de claves y transporte seguro.