Network Security: Detailed info on PCI, EFS and the future?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

[Top] [All Lists]

PCI, EFS and the future?

from [Nick Vaernhoej] Network Security

[Permanent Link]

Subject:	PCI, EFS and the future?
Date:	Fri, 2 Feb 2007 11:04:16 -0600

Good morning list

In the past I have asked about encryption solutions to attain PCI
compliance.

There are numerous solutions our there and I have some questions about
EFS in particular.

We are trying to create a small area on our corporate fileserver to be
an encrypted location. When used with EFS this area should be
transparent to the end user since it ties into AD.

My gut feeling is telling me that EFS is the wrong solution and I fear
that it won't be in compliance with PCI's data at rest specs.

Does anyone have any experience with EFS file level encryption, PCI and
what the future outlook is?

Are you looking at a replacement product because the auditor didn't find
EFS adequate?

Thank you

Nick Vaernhoej
"Quidquid latine dictum sit, altum sonatur."

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
PCI, EFS and the future?, Nick Vaernhoej <= RE: PCI, EFS and the future?, Roger A. Grimes Re: PCI, EFS and the future?, Saqib Ali RE: PCI, EFS and the future?, Nick Vaernhoej RE: PCI, EFS and the future?, Gressick, Michael RE: PCI, EFS and the future?, dave kleiman Message not available RE: PCI, EFS and the future?, Nick Vaernhoej Re: PCI, EFS and the future?, Nick Vaernhoej Re: PCI, EFS and the future?, Craig Wright Re: PCI, EFS and the future?, Sean Waddell Re: PCI, EFS and the future?, Saqib Ali

Previous by Date:	RE: Energy Policy Act of 2005: mini Y2k needed?, Chinnery, Paul
Next by Date:	RE: Mail scanner, Nick Duda
Previous by Thread:	Changing the domain password policy, Gary Collis
Next by Thread:	RE: PCI, EFS and the future?, Roger A. Grimes
Indexes:	[Date] [Thread] [Top] [All Lists]