SlideShare Title:
Do My Security Controls Achieve Wireless PCI DSS?
Compliance in the new world of threats
Description:
Companion to the AirTight Networks webinar https://attendee.gotowebinar.com/register/3592031186368052738
Infographic
Why Should My Wi-Fi be PCI Compliant?
http://www.slideshare.net/airtight/why-should-my-wi-fi-be-pci-compliant
White papers
PCI Compliance In the New World of Wireless Threats
http://go.airtightnetworks.com/PCI_DSS_3.1_Compliance_In_A_New_World_Of_Threats.html
PCI DSS 3.1 and the Impact on Wi-Fi Security
http://go.airtightnetworks.com/PCI_DSS_3.1_Whitepaper_Impact_on_Wi-Fi_Security.html
IHL Study: Impact of Wi-Fi and Store Networks on Customer experience
http://go.airtightnetworks.com/IHL_Report.html
Blog
New PCI 3.1 Guidelines Address SSL Vulnerability
http://blog.airtightnetworks.com/pci-3-1-guidelines-ssl-vulnerability/
The Cost of Non-compliance
If your business accepts payment cards, it needs to be PCI compliant to protect customer data. Wi-Fi is a common attack vector. Rising threat levels and new technologies that make networked devices more mobile and interconnected mean that your wireless networks must conform to PCI standards.
• The cost of non-compliance ranges from $5,000 to $200,000, depending on the card brand, the nature of non-compliance, and the number of incidents.
• Total price tag for a data breach: $640,000, with an average remediation timeframe of 31 days, at a cost of 20,000 per day.
Impact of Latest Trends on Wi-Fi Security
• New high performance 802.11ac standard creates security blind spots.
• IoT requires compliance officers to address both device volume and device diversity.
Mobile Technologies Create New Requirements for Wi-Fi Networks
Consumers are becoming more mobile and want to pay and access the internet from anywhere. Businesses must protect these communications.
• 40% of restaurants are planning POS upgrades to add mobile POS and EMV
• 56% of retailers plan to add mobile devices for store associates in 2 years
Key wireless PCI requirements
Req. 9.9 – Protect POS Terminals and Devices from Tampering
mPOS – devices should associate to the wireless network specific to the location.
Guest Wi-Fi services – ensure connection to the trusted network, not a honeypot.
Req. 2.4 - Maintain Inventory of System Components in Scope for PCI
Identify key components in the CDE
Ensure key components are protected
Limit scope of PCI audit
Req. 10.6 – Daily Log Review
Daily log reviews recognized as tedious
Focus should be on suspicious activity and actionable events/data
PCI Best Practices
1. Limit audit scope through network segmentation
2. Practice security as a continual process
3. Use strong wireless encryption and authentication
4. Use IDS/IPS to monitor traffic in the CDE
5. Implement an incident response plan
6. Establish & maintain a relationship with the auditor
Do My Security Controls Achieve Wireless PCI Compliance
1. Do My Security Controls
Achieve Wireless PCI DSS?
Compliance in the new world of threats
2. You will learn about:
The cost of non-compliance
Trends impacting wireless PCI compliance
PCI DSS 3.1 standard and wireless security
PCI best practices
4. View the webinar
Do My Security Controls Achieve
Wireless PCI DSS?
Compliance in the new world of threats
5. The Cost of Non-Compliance
If your business accepts payment cards, it needs to be PCI
compliant to protect customer data. Wi-Fi is a common
attack vector.
$5,000 - $200,000
Non-compliance fines per month
(Depending on the card brand, the nature of non-compliance,
and the number of incidents)
Source: Focus on PCI
6. The Cost of Remediation
Impact of a cyber-attack
Average
Remediation
Timeframe
69%
of consumers are less likely to
shop at an organization that
has been breached
31
days
Cost per day Total price tag for a data breach
$20,000 $640,000
Source: Dark Reading, October 2014
7. Impact of Latest Trends on
Wi-Fi Security
802.11ac standard accounts
for 30% of access point shipments*
*Source: IDC Worldwide Quarterly WLAN Tracker, March 2015
New high-performance 802.11ac standard
creates security blind spots
30%
11n radio cannot monitor 11ac frame
formats!
8. IDC predicts that 28 billion connected
devices will exist by 2020* – how will
network and security professionals
cope?
IoT requires compliance officers to
address both device volume and device
diversity.
*Source: IDC Worldwide Quarterly WLAN Tracker, March 2015
Internet of Things Becoming Reality
28B
9. * Source: Hospitality Technology’s POS Software Trend Report 2015
** Source: BRP – POS/Customer Engagement Survey 2015
Mobile Technologies Create New
Requirements for Wi-Fi Networks
of restaurants are planning
POS upgrades to add
mobile POS and EMV*
47%
Consumers are becoming more mobile and want to pay
and access the internet from anywhere. Employees are
going mobile, too.
of retailers plan to add mobile
devices for store associates
within 2 years**
56%
10. Grab the Trends Infographic from SlideShare
View the infographic
11. Need In-depth Information?
Download white paper [PDF]: “PCI Compliance In The
New World of Threats: Do My Security Controls Achieve
Wireless PCI DSS?”
13. Req. 9.9 – Protect POS Terminals and
Devices from Tampering
mPOS – devices should associate to the
wireless network specific to the location.
Guest Wi-Fi services – ensure connection
to the trusted network, not a honeypot.
How does AirTight WIPS help?
Eliminates false positives
Integrates with existing monitoring tools
14. Req. 2.4 – Maintain Inventory of System
Components in Scope for PCI
Identify key components in the CDE
Ensure key components are protected
Limit scope of PCI audit
How does AirTight WIPS help?
Inventories all wireless assets in the environment
Separates your assets from neighboring assets
Eliminates manual inventory methods
Defines scope of PCI audit
15. Req. 10.6 – Daily Log Review
Daily log reviews recognized as tedious
Focus should be on suspicious activity
and actionable events/data
How does AirTight WIPS help?
Device classification accuracy eliminates false positives
Integrates with existing monitoring tools
17. PCI Best Practices
1. Limit audit scope through network segmentation
2. Practice security as a continual process
3. Use strong wireless encryption and authentication
4. Use IDS/IPS to monitor traffic in the CDE
5. Implement an incident response plan
6. Establish & maintain a relationship with the auditor
20. Retailers’ Plans to Update WAN/WLAN
Security
Source: IHL Group – Impact of Store Networks and Wi-Fi on
Customer Experience 2015 (sponsored by AirTight & EarthLink)
Download
the report
21. Security/Compliance Highest in
Wi-Fi Selection Criteria
Source: IHL Group – Impact of Store Networks and Wi-Fi on
Customer Experience 2015
Security
PCI Compliance
Centralized Control
Costs
SLAs
Vendor Reputation
Analytics/Social Media
22. Download the IHL Report (PDF): Impact of Store
Networks and Wi-Fi on Customer Experience
2015 Study: The Payback on Store Wi-Fi
23. The Roadmap to Wireless Security
Adopt behavior-based approach
Does the system
filter out only
genuine threats?
Is threat
scanning spot or
continuous?
Can the system
detect all types of
vulnerabilities?
Can the solution
automatically
contain threats?
24. What is Behavior-based Security?
Read about AirTight’s behavior-
based security on our blog
Are You Safe?
Schedule a FREE wireless
vulnerability assessment