On Internet, when protecting sensitive data, in transit you must use the security protocols you’ve heard of, like HTTPS, SSH, SFTP, FTP/S, TLS, VPN, IPSec and more, however, using only these protocols is not enough when following methodologies like “defense at depth”, where you need more security layers to tackle most of the threats and risks regarding data exposure when sending or receiving data.
In this post I will talk about recommendations you can follow to increase the level of security of critical and sensitive data while transmiting data anywhere, from internal networks to public or insecure networks.
Continue reading Encrypt cardholder data in transit. PCI-DSS Requirement 4 recommendations.