White Papers for International Standards Organization (ISO) 27002 (17799)

Wireless LAN Security Best Practices and PCI Compliance

CISCO

This paper describes how best practices for wireless LAN security help businesses meet compliance requirements for the payment card industry (PCI) data security standard.

Wireless LANs are a core component of most corporate network infrastructure. With a naturally mobile workforce, industries including retail, hospitality, gaming and restaurants were among the first to realize that a real-time network connection for roaming employees could bring greater efficiency. Wireless LANs have long been used to provide instant visibility into inventory positions, enable easy reconfiguration of point of service (POS) systems, provide information kiosks for customers, and deliver voice services directly to employees or store associates. Any business that handles credit card data must comply with the requirements of the Payment Card Industry (PCI) Data Security Standard.1 This compliance includes the need to secure the wireless network. However, even if these industries do not have a wireless LAN, factors such as the prevalence of the technology in neighboring homes and businesses, as well as its easy availability and low cost, require them to put in place proper security practices. Proper security practices are essential to ensure that unauthorized wireless LANs are not introduced into the network, potentially causing
a violation of the PCI standard or creating a security breach. The good news for IT managers is that when properly deployed—and built upon a foundation of strong wired network security—wireless LANs are as secure as wired networks. While PCI affects any company handling credit card information, this paper focuses on the retail industry given the shear number of credit card transactions handled. This paper presents best practices for wireless LAN security and the prevention of wireless threats.

View the White Paper

Share or bookmarklet this web page at: