Tel: +44 (0)113 398 3300
PCI Wireless Compliance
The Payment Card Industry (PCI) is now mandating stricter wireless security measures, and the cost of non-compliance is significant.
PCI DSS sets the following goals and broad requirements:
- Build and Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
Some top-level inadequacies - at least one of which probably applies to your company's wireless networks - include:
- Absence of an effective written Wireless Security Policy
- Inadequately-trained IT network support staff
- The continued use of WEP
- The use of MAC Address Filtering
- The use of WPA Personal / WPA Pre-Shared Key / WPA-PSK / WPA Passphrase
- The existence of misconfigured Access Points, non-compliant Access Points and rogue APs
- Vulnerability to wireless Denial of Service (DoS) attacks
- Lack of effective Wireless Event Logging
- Inadequate Security Audit Trails
WEP provides totally inadequate security, yet it is still used in many environments because outdated legacy barcode scanning terminals have been retained.
The use of WPA Personal / WPA Pre-Shared Key (WPA-PSK) / WPA Passphrases has serious weaknesses.
MAC Address Filtering is entirely ineffective and a poor use of IT support time.
Cost of a Data Breach
In 2007, the Ponemon Institute published a study that examined the costs incurred by 35 companies after experiencing a data breach [1]. The cost of a data breach averaged $197 per compromised customer record in 2007, up from $182 per compromised record in 2006. Lost business opportunities, including losses resulting from brand damage and customer churn, represented the most significant cost increase, rising from $98 in 2006 to $128 in 2007.
Retail Wireless Exposure
Several recent high-profile data breaches have occurred as a direct result of wireless vulnerabilities. The highly publicised breach at TJX resulted in data from at least 45.7 million credit and debit cards being compromised.
According to the Wall Street Journal, the TJX breach occurred as a direct result of weak wireless security.
How to implement PCI Wireless Compliance
Looking for training or advice on PCI Wireless Compliance and other concepts, to implement robust, secure, scalable and reliable wireless networks?
Contact Us
© LEVER Technology Group PLC