airtight-networks
You will learn about:
The cost of non-compliance
Trends impacting wireless PCI compliance
PCI DSS 3.1 standard and wireless security
PCI best practices
Expert Speaker
Kevin McCauley, Director of Retail Market Development, AirTight Networks
Do My Security Controls Achieve Wireless PCI DSS? Compliance in the new world of threats
The Cost of Non-Compliance
If your business accepts payment cards, it needs to be PCI compliant to protect customer data. Wi-Fi is a common attack vector.
$5,000 - $200,000: Non-compliance fines per month (depending on the card brand, the nature of non-compliance, and the number of incidents)
Source: Focus on PCI
The Cost of Remediation: Impact of a Cyber-Attack
Average remediation timeframe: 31 days
Cost per day: $20,000
Total price tag for a data breach: $640,000
69% of consumers are less likely to shop at an organization that has been breached
Source: Dark Reading, October 2014
Impact of Latest Trends on Wi-Fi Security
New high-performance 802.11ac standard creates security blind spots
The 802.11ac standard accounts for 30% of access point shipments*
11n radio cannot monitor 11ac frame formats!
*Source: IDC Worldwide Quarterly WLAN Tracker, March 2015
Internet of Things Becoming Reality
IDC predicts that 28 billion connected devices will exist by 2020* – how will network and security professionals cope?
IoT requires compliance officers to address both device volume and device diversity.
*Source: IDC Worldwide Quarterly WLAN Tracker, March 2015
Mobile Technologies Create New Requirements for Wi-Fi Networks
Consumers are becoming more mobile and want to pay and access the internet from anywhere. Employees are going mobile, too.
47% of restaurants are planning POS upgrades to add mobile POS and EMV*
56% of retailers plan to add mobile devices for store associates within 2 years**
* Source: Hospitality Technology’s POS Software Trend Report 2015
** Source: BRP – POS/Customer Engagement Survey 2015
Grab the Trends Infographic from SlideShare
Need In-depth Information?
Download white paper [PDF]: “PCI Compliance In The New World of Threats: Do My Security Controls Achieve Wireless PCI DSS?”
PCI DSS Wireless Requirements
DSS Section | No WLAN | WLAN Deployed
Scanning Requirements
Section 11.1 Quarterly wireless scan
Section 11.4 Monitor wireless alerts
Section 12.9 Incident response plan
Security Requirements
Section 2.1.1 Change defaults n/a
Section 4.1.1 802.11i security n/a
Section 9.1.3 Physical security n/a
Section 10.5.4 Wireless logs n/a
Section 10.6 Wireless log review n/a
Section 12.3 Usage policies n/a
Req. 9.9 – Protect POS Terminals and Devices from Tampering
mPOS – devices should associate to the wireless network specific to the location.
Guest Wi-Fi services – ensure connection to the trusted network, not a honeypot.
How does AirTight WIPS help?
Eliminates false positives
Integrates with existing monitoring tools
Req. 2.4 – Maintain Inventory of System Components in Scope for PCI
Identify key components in the CDE
Ensure key components are protected
Limit scope of PCI audit
How does AirTight WIPS help?
Inventories all wireless assets in the environment
Separates your assets from neighboring assets
Eliminates manual inventory methods
Defines scope of PCI audit
Req. 10.6 – Daily Log Review
Daily log reviews recognized as tedious
Focus should be on suspicious activity and actionable events/data
How does AirTight WIPS help?
Device classification accuracy eliminates false positives
Integrates with existing monitoring tools
PCI Best Practices
1. Limit audit scope through network segmentation
2. Practice security as a continual process
3. Use strong wireless encryption and authentication
4. Use IDS/IPS to monitor traffic in the CDE
5. Implement an incident response plan
6. Establish & maintain a relationship with the auditor
Automate Your Wireless PCI Compliance
Learn about AirTight’s PCI solutions
Need In-depth Information?
Download the whitepaper [PDF]: “PCI DSS 3.1 and the Impact on WiFi Security”
Retailers’ Plans to Update WAN/WLAN Security
Source: IHL Group – Impact of Store Networks and Wi-Fi on Customer Experience 2015 (sponsored by AirTight & EarthLink)
Security/Compliance Highest in Wi-Fi Selection Criteria
Source: IHL Group – Impact of Store Networks and Wi-Fi on Customer Experience 2015
Security
PCI Compliance
Centralized Control
Costs
SLAs
Vendor Reputation
Analytics/Social Media
Download the IHL Report (PDF): Impact of Store Networks and Wi-Fi on Customer Experience
2015 Study: The Payback on Store Wi-Fi
The Roadmap to Wireless Security
Adopt behavior-based approach
Does the system filter out only genuine threats?
Is threat scanning spot or continuous?
Can the system detect all types of vulnerabilities?
Can the solution automatically contain threats?
What is Behavior-based Security?
Read about AirTight’s behavior-based security on our blog
Are You Safe?
Schedule a FREE wireless vulnerability assessment
More Webinars with Kevin McCauley
PCI DSS 3.1 Webinar on Demand
www.slideshare.net/airtight
New PCI 3.1 Guidelines Address SSL Vulnerability via @AirTight blog
Secure Cloud Wi-Fi for Distributed Enterprise
Want to learn more?
Request a demo