Skip to main content

💼 3.5.1.3 If disk-level or partition-level encryption is used (rather than file-, column-, or field--level database encryption) to render PAN unreadable.

  • ID: /frameworks/pci-dss-v4.0.1/03/05/01/03

Description

It is managed as follows:

  • Logical access is managed separately and independently of native operating system authentication and access control mechanisms.
  • Decryption keys are not associated with user accounts.
  • Authentication factors (passwords, passphrases, or cryptographic keys) that allow access to unencrypted data are stored securely.

Similar

  • Sections
    • /frameworks/pci-dss-v4.0/03/05/01/03

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 PCI DSS v4.0 → 💼 3.5.1.3 If disk-level or partition-level encryption is used (rather than file-, column-, or field--level database encryption) to render PAN unreadable.12no data

Similar Sections (Give Policies To)

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
💼 PCI DSS v4.0 → 💼 3.5.1.3 If disk-level or partition-level encryption is used (rather than file-, column-, or field--level database encryption) to render PAN unreadable.12no data

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (12)

PolicyLogic CountFlagsCompliance
🛡️ AWS Account EBS Volume Encryption Attribute is not enabled in all regions🟢1🟢 x6no data
🛡️ AWS EFS File System encryption is not enabled🟢1🟢 x6no data
🛡️ AWS RDS Instance Encryption is not enabled🟢1🟢 x6no data
🛡️ Azure Diagnostic Setting Logs export to Storage Account not encrypted with Customer-managed key🟢1🟢 x6no data
🛡️ Azure Storage Account With Critical Data is not encrypted with customer managed key🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure Unattached Managed Disk is not encrypted with Customer-managed key🟢1🟢 x6no data
🛡️ Azure Virtual Machine OS and Data disks are not encrypted with Customer-managed key🟢1🟢 x6no data
🛡️ Google BigQuery Dataset is not encrypted with Customer-Managed Encryption Key (CMEK)🟢1🟢 x6no data
🛡️ Google BigQuery Table is not encrypted with Customer-Managed Encryption Key (CMEK)🟢1🟢 x6no data
🛡️ Google Dataproc Cluster is not encrypted using Customer-Managed Encryption Key🟢1🟢 x6no data
🛡️ Google GCE Disk for critical VMs is not encrypted with Customer-Supplied Encryption Key (CSEK)🟢1🟢 x6no data
🛡️ Google GCE Instance Confidential Compute is not enabled🟢1🟢 x6no data