BY Marketing Ground Labs | 6 May 2015
The way we transmitted data securely on the internet using SSL encryption is no longer considered secure due to recently found weaknesses. As a result, the PCI DSS has been updated to remove SSL from its definition of Strong Encryption which is required to keep data safe.
Disable SSL entirely across all systems, and update your applications to use the latest encryption protocol, TLS v1.2. More information on how to do this can be found in the official PCI SSC information supplement.
In the interests of security, you should update to the latest PCI DSS standard immediately as any data you transmit using SSL is at risk. Currently, all vendors must comply with PCI DSS 3.2 requirements. Additionally, new standards for PCI DSS 4.0 are on the horizon and will be required by 2025.
Share this article!
Want to keep up with all our blog posts? Subscribe to our newsletter!
As companies all around the world continue have large portions of their workforce remote, the need to keep their data safe and protected is even more critical. To help companies navigate this new reality and mitigate security risks, we are providing a 90-day complimentary version of our flagship solution—Enterprise Recon. Learn more about it here.
Please submit the form below and we’ll contact you to schedule a discovery call. Want to skip the email? Go here to schedule a meeting directly on our calendar.