Implementation of „SSL for ADO.NET“ for Encryption of the Data in Transit in the Corporate Network (PCI DSS v3.1)
The PCI requirements for encryption for data in transit are different for private networks than they are for public networks. Encryption of sensitive data in motion is addressed in PCI DSS version 3.1 via Requirement 4 and its corresponding subrequirements. The DSS is clear that the requirements apply to the transmission of payment card data across “open, public networks” that are susceptible to unauthorized access. The PCI DSS and the PCI Glossary describe public networks as network transport providers that connect an organization’s networks to each other over a wide area network (WAN), to the Internet, or to partner networks.
The PCI requirements for encryption for data in transit are different for private networks than they are for public networks. Encryption of sensitive data in motion is addressed in PCI DSS version 3.1 via Requirement 4 and its corresponding subrequirements. The DSS is clear that the requirements apply to the transmission of payment card data across “open, public networks” that are susceptible to unauthorized access. The PCI DSS and the PCI Glossary describe public networks as network transport providers that connect an organization’s networks to each other over a wide area network (WAN), to the Internet, or to partner networks.