Skip to main content

💼 4.1 Use strong cryptography and security protocols to safeguard sensitive cardholder data during transmission over open, public networks.

Contextual name: 💼 4.1 Use strong cryptography and security protocols to safeguard sensitive cardholder data during transmission over open, public networks.
ID: /frameworks/pci-dss-v3.2.1/04/01
Located in: 💼 4 Encrypt transmission of cardholder data across open, public networks.

Description

Including the following:

Only trusted keys and certificates are accepted.
The protocol in use only supports secure versions or configurations.
The encryption strength is appropriate for the encryption methodology in use.

Examples of open, public networks include but are not limited to:

The Internet
Wireless technologies, including 802.11 and Bluetooth
Cellular technologies, for example, Global System for Mobile communications (GSM), Code division multiple access (CDMA)
General Packet Radio Service (GPRS)
Satellite communications

Similar

Sections
- /frameworks/pci-dss-v4.0/04/02/01
- /frameworks/aws-fsbp-v1.0.0/elb/01
- /frameworks/aws-fsbp-v1.0.0/s3/05
Internal
- ID: dec-c-eaf8f1ac

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ELB.1] Application Load Balancer should be configured to redirect all HTTP requests to HTTPS
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.5] S3 general purpose buckets should require requests to use SSL		1	1
💼 PCI DSS v4.0 → 💼 4.2.1 Strong cryptography and security protocols are implemented to safeguard PAN during transmission over open, public networks.	2		9

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v4.0 → 💼 4.2.1 Strong cryptography and security protocols are implemented to safeguard PAN during transmission over open, public networks.	2		9

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 4.1.1 Ensure wireless networks transmitting cardholder data or connected to the cardholder data environment, use industry best practices to implement strong encryption for authentication and transmission.

Policies (9)

Policy	Logic Count	Flags
📝 AWS ACM Certificate expires in the next 7 days 🟢	1	🟢 x6
📝 AWS ACM RSA Certificate key length is less than 2048 bits 🟢	1	🟢 x6
📝 AWS S3 Bucket Policy is not set to deny HTTP requests 🟢	1	🟢 x6
📝 Azure App Service FTP deployments are not disabled 🟢	1	🟢 x6
📝 Azure App Service HTTPS Only configuration is not enabled 🟢	1	🟢 x6
📝 Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Flexible Server require_secure_transport Parameter is not set to ON 🟢	1	🟢 x6
📝 Azure PostgreSQL Single Server Enforce SSL Connection is not set enabled 🟢	1	🟢 x6
📝 Azure Storage Account Secure Transfer Required is not enabled 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-14f5fc25	1
✉️ dec-x-75db76ad	1
✉️ dec-x-995424b7	2
✉️ dec-x-c0a7793e	1
✉️ dec-x-d5fbfc40	1
✉️ dec-x-d95ea48b	1

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (9)
Internal Rules