Skip to Main Content
Information Security Policy Development for Compliance
book

Information Security Policy Development for Compliance

by Barry L. Williams
April 2016
Intermediate to advanced content levelIntermediate to advanced
152 pages
4h 9m
English
Auerbach Publications
Content preview from Information Security Policy Development for Compliance
122
InformatIon SecurIty PolIcy DeveloPment for comPlIance
3.4 Render PAN unreadable anywhere it is stored (including on
por
table digital media, backup media, and in logs) by using any of the
following approaches:
One-w
ay hashes based on strong cryptography (hash must be
of the entire PAN)
Tru
ncation (hashing cannot be used to replace the truncated
segment of PAN)
Ind
ex tokens and pads (pads must be securely stored)
Strong cryptography with associated key-management pro-
cesses and procedures
Note: It is a relatively trivial eort for a malicious individual to
reconstruct original PAN data if he or she has access to both
the truncated and hashed versions of a PAN. Where hashed
and truncated versions of the same PAN are present ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Writing Information Security Policies

Writing Information Security Policies

Scott Barman

Publisher Resources

ISBN: 9781466580589