PCI DSS Compliance and Digi Cellular Routers

In order to ensure the highest level of protection for credit/debit card transactions, Payment Card Industry Data Security Standards (PCI DSS) requirements have been created to validate the security of an entire network.

Major PCI DSS requirements include:
  • Build and Maintain a Secure Network
  • Protect Cardholder Data
  • Maintain a Vulnerability Management Program
  • Implement Strong Access Control Measures
  • Regularly Monitor and Test Networks
  • Maintain an Information Security Policy

Most Digi IP router models, when used and configured properly, meet the stringent standards of PCI compliance for POS/Financial applications. For a full explanation of how Digi cellular routers can be part of your PCI DSS solution, read the white paper:

PCI Compliant Remote Site Solution

FAQ

How do I know which Digi cellular router is right for me?
If you require a router that initiates/terminates a VPN connection to a payment processor, choose the Digi TransPort family of cellular routers. These routers include the full PCI feature set, including (but not limited to):
  • Stateful inspection firewall
  • Network segmentation via VLAN or Ethernet port isolation
  • MAC filtering to prevent unwanted client PCs on the network
  • Encryption and authentication via IPsec, IKE, SSL, SSH and X.509 certificates
  • Configurable user levels and remote authentication
  • Full event logging, which can be stored via Syslog, including event alarm support
If you do not require a router that initiates/terminates the VPN connection, but require a pass-through connection as part of an existing VPN connection, each of the following Digi cellular routers would be applicable:
What if I don’t need PCI, but I do need a secure remote connection?
What are the PCI DSS principles and accompanying requirements?
  • Build and Maintain a Secure Network
    • Requirement 1: Install and maintain a firewall configuration to protect cardholder data
    • Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
  • Protect Cardholder Data
    • Requirement 3: Protect stored cardholder data
    • Requirement 4: Encrypt transmission of cardholder data across open, public networks
  • Maintain a Vulnerability Management Program
    • Requirement 5: Use and regularly update anti-virus software
    • Requirement 6: Develop and maintain secure systems and applications
  • Implement Strong Access Control Measures
    • Requirement 7: Restrict access to cardholder data by business need-to-know
    • Requirement 8: Assign a unique ID to each person with computer access
    • Requirement 9: Restrict physical access to cardholder data
  • Regularly Monitor and Test Networks
    • Requirement 10: Track and monitor all access to network resources and cardholder data
    • Requirement 11: Regularly test security systems and processes
  • Maintain an Information Security Policy
    • Requirement 12: Maintain a policy that addresses information security

Additional Resources

Whitepaper: PCI Compliance and the Digi TransPort™ Router

Visit the official PCI website for full PCI DSS requirements
