Do My Security Controls Achieve Wireless PCI DSS? Compliance in the new world of threats

Upload: airtight-networks

Post on 19-Jul-2015



You will learn about:

The cost of non-compliance

Trends impacting wireless PCI compliance

PCI DSS 3.1 standard and wireless security

PCI best practices

Expert Speaker

Kevin McCauley, Director of Retail Market Development, AirTight Networks

The Cost of Non-Compliance

If your business accepts payment cards, it needs to be PCI compliant to protect customer data. Wi-Fi is a common attack vector.

$5,000 - $200,000: Non-compliance fines per month (depending on the card brand, the nature of non-compliance, and the number of incidents)

Source: Focus on PCI

The Cost of Remediation: Impact of a cyber-attack

Average remediation timeframe: 31 days

Cost per day: $20,000

Total price tag for a data breach: $640,000

69% of consumers are less likely to shop at an organization that has been breached

Source: Dark Reading, October 2014

Impact of Latest Trends on Wi-Fi Security

802.11ac standard accounts for 30% of access point shipments*

*Source: IDC Worldwide Quarterly WLAN Tracker, March 2015

New high-performance 802.11ac standard creates security blind spots

11n radio cannot monitor 11ac frame formats!

Internet of Things Becoming Reality

IDC predicts that 28 billion connected devices will exist by 2020* – how will network and security professionals cope?

IoT requires compliance officers to address both device volume and device diversity.

*Source: IDC Worldwide Quarterly WLAN Tracker, March 2015

Mobile Technologies Create New Requirements for Wi-Fi Networks

Consumers are becoming more mobile and want to pay and access the internet from anywhere. Employees are going mobile, too.

47% of restaurants are planning POS upgrades to add mobile POS and EMV*

56% of retailers plan to add mobile devices for store associates within 2 years**

* Source: Hospitality Technology’s POS Software Trend Report 2015

** Source: BRP – POS/Customer Engagement Survey 2015

PCI DSS Wireless Requirements

Columns: DSS Section, No WLAN, WLAN Deployed

Scanning Requirements

Section 11.1 Quarterly wireless scan

Section 11.4 Monitor wireless alerts

Section 12.9 Incident response plan

Security Requirements

Section 2.1.1 Change defaults (No WLAN: n/a)

Section 4.1.1 802.11i security (No WLAN: n/a)

Section 9.1.3 Physical security (No WLAN: n/a)

Section 10.5.4 Wireless logs (No WLAN: n/a)

Section 10.6 Wireless log review (No WLAN: n/a)

Section 12.3 Usage policies (No WLAN: n/a)

Req. 9.9 – Protect POS Terminals and Devices from Tampering

mPOS – devices should associate to the wireless network specific to the location.

Guest Wi-Fi services – ensure connection to the trusted network, not a honeypot.

How does AirTight WIPS help?

Eliminates false positives

Integrates with existing monitoring tools

Req. 2.4 – Maintain Inventory of System Components in Scope for PCI

Identify key components in the CDE

Ensure key components are protected

Limit scope of PCI audit

How does AirTight WIPS help?

Inventories all wireless assets in the environment

Separates your assets from neighboring assets

Eliminates manual inventory methods

Defines scope of PCI audit

Req. 10.6 – Daily Log Review

Daily log reviews recognized as tedious

Focus should be on suspicious activity and actionable events/data

How does AirTight WIPS help?

Device classification accuracy eliminates false positives

Integrates with existing monitoring tools

Securing Large Environments

“Visual inspection” inadequate for complex environments

PCI Best Practices

1. Limit audit scope through network segmentation

2. Practice security as a continual process

3. Use strong wireless encryption and authentication

4. Use IDS/IPS to monitor traffic in the CDE

5. Implement an incident response plan

6. Establish & maintain a relationship with the auditor

Retailers’ Plans to Update WAN/WLAN Security

Source: IHL Group – Impact of Store Networks and Wi-Fi on Customer Experience 2015 (sponsored by AirTight & EarthLink)


Security/Compliance Highest in Wi-Fi Selection Criteria

[Chart: Wi-Fi selection criteria. Categories shown: Security, PCI Compliance, Centralized Control, Costs, SLAs, Vendor Reputation, Analytics/Social Media]

Source: IHL Group – Impact of Store Networks and Wi-Fi on Customer Experience 2015


The Roadmap to Wireless Security

Adopt behavior-based approach

Does the system filter out only genuine threats?

Is threat scanning spot or continuous?

Can the system detect all types of vulnerabilities?

Can the solution automatically contain threats?

Secure Cloud Wi-Fi for Distributed Enterprise
