PCI DSS compliance

Document ID : KB000097727
Last Modified Date : 23/05/2018
Show Technical Document Details
Question:
Is Datacom PCI DSS compliant?
PCI DSS stands for 'Payment Card Industry Data Security Standard'.
Does Datacom Server support  Transport Layer Security (TLS) ?   
Environment:
z/OS 
CA Datacom
Answer:
This is the answer from Dale Russell , Product Owner for CA Datacom products,  regarding this topic: 
 
CA Datacom products are not certified for PCI DSS compliance, however our products provide needed facilities that support environments where PCI data is stored and used:

1. Table encryption. CA Datacom/DB provides support for table encryption of data at rest (on dasd) and data in motion (in memory buffers).
2. Pervasive Encryption for z14. Datacom external files such as input/output to various utilities (backups, extracts, etc.) are fully compatible with IBM Pervasive Encryption.
3. Encrypted communication. CA Datacom Server applications that provide data outside the firewall should specify the CCI communication protocol from CA Common Services which includes TLS 1.2 support.
CICS Applications including CA Ideal for CA Datacom are dependent on CICS and CICS Web facilities for encryption of any communications outside the firewall.