Wireless Security and Compliance
Wireless Intrusion Prevention
The explosive growth in wireless networks has been matched by an explosive growth in attempts to attack, hack and otherwise compromise these networks. While basic wireless network security standards have improved, there are many environments (including financial institutions, defence, healthcare and education) where a breach of security could be catastrophic to the organisation under attack.
The primary purpose of a wireless intrusion prevention system (WIPS) is to prevent unauthorised network access by wireless devices. Some advanced wireless infrastructure have limited integrated WIPS capabilities.
Large organisations are particularly vulnerable to security breaches caused by rogue access points and unauthorised wireless devices attaching to the network. If an employee (trusted entity) in a location brings in an easily available wireless router, the entire network can be exposed to anyone within range of the signals.
PCI DSS Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organisations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM, and POS cards. Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around cardholder data to reduce credit card fraud via its exposure
In July 2009, the PCI Security Standards Council published wireless guidelines for PCI DSS recommending the use of WIPS to automate wireless scanning for large organizations.
Leading security vendors, have developed cost effective, cloud-based solutions which manage large numbers of sites (eg retail or fast food chains) spread across large geographical areas from a central location.