
Backup Exec 12.3 - PCI DSS compliant encryption?

InfoSec1
Level 2

Just looking at our backup solution and we are using Backup Exec 12.3. This does indeed encrypt the data, but when reading PCI DSS V2, there are some hints that it might not be what the requirement is looking for even though the encryption level easily surpasses the required complexity.

Can anyone shed some definitive light?

Thanks

3 REPLIES

Colin_Weaver
Moderator
Employee Accredited Certified

Backup Exec 12.3 does not exist - however I will assume a typo mistake for that.

 

Backup Exec Encryption supports FIPS 140-2 standards for encryption, as per http://www.symantec.com/docs/TECH63931 and http://www.symantec.com/docs/HOWTO21799

 

I don't think we have officially confirmed a match for PCI DSS, however it might be that the FIPS standard is an equivalent standard.

Note: If using 64-bit operating systems it appears you need to be using Backup Exec 2010 to get FIPS Compliant support.

http://www.symantec.com/connect/idea/fips-140-2-encryption-support-x64-platforms

 

Hywel_Mallett
Level 6
Certified

Which specific PCI-DSS requirement do you think BE doesn't meet?

The key management parts might be a bit fiddly, but then that's not exclusive to BE.

The main one addressed is that the PAN is rendered unreadable anywhere it is stored, which BE can do using encryption,

InfoSec1
Level 2

I did indeed mean 12.5 :) Sorry about that!

Yeah, was fully aware of the BE encryption but it was whether the type of encryption was specific enough to PCI DSS V2. 

Thanks to Colin for pointing out the FIPS approval as this works hand in hand with PCI DSS.

Problem solved!