Re: Deciding when to do system encryption




Ljubomir Ljubojevic wrote:
> Time: 10/11/2011 04:43 PM, Bade Iriabho writes:
>> Thanks guys, Paul you make very good points. Noted...
>>
>>>> 1. You have a server in a secured server room on a rack (is there
>>>>   any need and advantage to having system encryption in this
>>>>   particular case)
>>
>>> Only if there's requirements from above... or if you're going to be
>>> pulling drives as backups, say, and taking them out of there.
<snip>
Oh, another requirement: PCI DSS (it's been two and a half years since I
worked for a co that does managed security and was also a root CA). Look
at <https://www.pcisecuritystandards.org/index.php>, and the docs. For any
credit card information, ALL DATA between two systems *must* be encrypted,
and positively, if you need to pull a drive to replace it, you're going to
have to sanitize it, since someone could take it apart and rebuild it, and
get data off it.

So, if credit card transactions might be on it - any kind of PII (personal
identifying information) or HIPAA (for those in the US, medical data) -
you need encryption.

Or if you don't want anyone seeing your pr0n collection.... <g>

        mark

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


