Subhanshu Mohan Gupta · blogs.subhanshumg.com · Oct 2, 2024 · Ensuring PCI-DSS, POPI, GDPR, and HIPAA Compliance in Kubernetes Systems · Introduction: Welcome to Part IV of my Kubernetes series, where we delve into building compliant systems on Kubernetes to meet stringent regulatory standards such as PCI-DSS, POPI, GDPR, and HIPAA. As businesses continue to adopt containerized environ... · 10 likes · 40 reads · Mastering Kubernetes: Revolutionizing Cloud-Native Operations · pcidss
Karuppiah Natarajan · karuppiah.dev · Sep 21, 2024 · Shipping CloudWatch Logs to S3 · Recently, at Ola, the Sentinels team, that is the security team in Ola, was asking us, the Core Infrastructure team, to help with getting Logs 🪵 for many things for a PCI Audit PCI - Payment Card Industry. PCI is a compliance. I think it’s called PCI... · 32 reads · #CloudWatch
Basheer Ahamed · bash33r.hashnode.dev · Dec 9, 2023 · PCI DSS Requirement 10: Track and Monitor Network Access · Logging mechanisms and tracked user activities are critical to preventing, detecting, or minimizing the impact of a data compromise. Implementing logs on all system components and in the cardholder data environment (CDE) allows thorough tracking, ale... · pcidss
Basheer Ahamed · bash33r.hashnode.dev · Dec 8, 2023 · PCI DSS Requirement 9: Restrict Physical Access to Cardholder Data · While many organizations may prioritize the digital security measures needed to protect cardholder data, physical securities shouldn’t be forgotten. All physical access to cardholder data (or systems that interact with it) must be restricted to ensur... · pcidss
Basheer Ahamed · bash33r.hashnode.dev · Dec 7, 2023 · PCI DSS Requirement 8: Identify & Authenticate User Access to System Components · PCI DSS Requirement 8 provides detailed guidance on the two fundamental principles for identifying and authenticating users: establishing the identity of a person through an identifier, and verifying the identity of the user. The first principle is ... · pcidss
Basheer Ahamed · bash33r.hashnode.dev · Dec 6, 2023 · PCI DSS Requirement 7: Restrict Cardholder Data Access · Assigning permissions carefully is one means of protecting sensitive account data by providing the minimum level of access necessary to perform an employee’s job. Requirement 7 details the means of securing data by keeping those who have access to “n... · pcidss
Basheer Ahamed · bash33r.hashnode.dev · Nov 30, 2023 · Farewell, Triple DES: A Legacy Retires and the Future of Encryption Beckons · The year is 2023, and a stalwart of the encryption world is taking its final bow. Triple DES, also known as TDEA, has served us well for decades, safeguarding sensitive data from prying eyes. But times change, and even the mightiest algorithms eventu... · pcidss
Basheer Ahamed · bash33r.hashnode.dev · Nov 30, 2023 · PCI DSS Requirement 1: Protect cardholder data with a Firewall · In the realm of Payment Card Industry Data Security Standard (PCI DSS), Requirement 1 holds a pivotal role, focusing on the establishment and management of firewalls as a shield for the cardholder data environment. Understanding the nuances of Requir... · pcidss
Basheer Ahamed · bash33r.hashnode.dev · Nov 13, 2023 · How Default Logins Endanger Your Organization · 👉Personal FAQ based on Requirement 2👈 Default usernames and passwords are like leaving your office door wide open with a "Welcome!" mat at the entrance. In the digital world, this seemingly harmless convenience offers cybercriminals an easy entry ... · pcidss