Re: PCI-DSS Requirements

Ron <ronljohnsonjr@gmail.com>

From: Ron <ronljohnsonjr@gmail.com>
To: pgsql-general@lists.postgresql.org
Date: 2022-09-20T17:44:57Z
Lists: pgsql-general
On 9/20/22 04:27, Inzamam Shafiq wrote:
>
> Hi Team,
>
>
> Anyone on PCI-DSS requirements for PostgreSQL DB, need help for some of 
> the points.
>

Can you be more specific?  (Typically. the auditors or the "audit pre-check" 
team will ask for a bunch of details on how your instance is configured.)

The usual questions I get are:
- What password hash algorithm is used?
- How frequently to passwords expire?
- Is SSL used when communicating with applications?

-- 
Angular momentum makes the world go 'round.