15. Key Components of PCI-DSS
Customer
Cloudera Navigator
Requirement
Encrypt Sentry Kerberos Core
✔ Install and maintain a firewall
✔ Do not use vendor-supplied defaults
✔ ✔ Protect stored cardholder data
✔ Encrypt transmission of cardholder data across open, public networks
✔ Use and regularly update anti-virus software
✔ ✔ Develop and maintain secure systems and applications
✔ ✔ Restrict access to cardholder data by business need-to-know
✔ Assign a unique ID to each person with computer access
✔ Restrict physical access to cardholder data
✔ Track and monitor all access to network resources and cardholder data
✔ Regularly test security systems and processes
✔ ✔ Maintain a policy that addresses information security
https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf
16. Key Components of HIPAA
Ref: http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/techsafeguards.pdf
Customer
Cloudera Navigator
Requirement
Encrypt Sentry Kerberos
✔ Unique User Identification: Assign a unique name and/or number for identifying and tracking user identity.
✔ Emergency Access Procedure: Establish procedures for obtaining necessary ePHI during an emergency.
✔ Automatic Logoff: Implement electronic procedures that terminate an electronic session after a predetermined time of inactivity.
✔ Encryption and Decryption: Implement a mechanism to encrypt and decrypt ePHI.
✔ ✔ ✔ Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use ePHI.
✔ Mechanism to Authenticate ePHI: Implement electronic mechanisms to corroborate that ePHI has not been altered or destroyed in an unauthorized manner.
✔ Authentication: Implement procedures to verify that a person or entity seeking access to ePHI is the one claimed.
✔ Transmission Security - Integrity Controls: Implement security measures to ensure that electronically transmitted ePHI is not improperly modified without detection until disposed of.
✔ Transmission Security – Encryption: Implement a mechanism to encrypt ePHI whenever deemed appropriate
28. Learn More
• cloudera.com/security
• Hear more in the series:
  • Deep dive on Kerberos and perimeter protection
  • Encryption and key management
  • Sentry and auditing
• Look for more info on the series in our follow-up email