IDPMS is encrypting credit card information with a Data Encryption key (DEK). Each hotel has its own unique DEK. In order to stay PCI compliant, the key renewal process to generate new data encryption keys has to be started at least once a year. IDPMS offers an option to initiate a DEK renewal. With this option Hotels can renew the DEK themselves.
30 days prior to the expiration date of the DEK (or 335 days after the
last renewal date) a warning to renew the keys is send to users that are
part of the user group marked as Update Admin. See Groups.
This warning will be send in IDPMS mail.
20 days later (or 355 days after the last renewal date) the update admin
users will receive another warning. This warning is also displayed at
night audit.
If the DEK is not renewed after 365 days, a warning to renew the keys will
be displayed at every night audit. Furthermore this warning is send to
each Update admin user via IDPMS mail.
! Important note:
The DEK renewal is started from the IDPMS Extra > Tools > PCI menu.
After choosing the Encryption Key renewal option, additional warning messages are displayed if the user really wants to start the DEK renewal process.
The following screens inform the user of the process steps.
If the user chooses to continue the DEK renewal process, IDPMS will ask to save a Key File to disk.
! Note: