AIRTIGHT NETWORKS           WHITE PAPER




Retail Stores and Wireless Security—Recommendations


A White Paper by AirTight Networks, Inc.


339 N. Bernardo Avenue, Suite 200, Mountain View, CA 94043
www.airtightnetworks.com




                                                             © 2008 AirTight Networks, Inc. All rights reserved.




                                       On May 4, 2007, The Wall Street Journal reported a Marshall’s store in
                                       St. Paul, Minnesota—with a wireless vulnerability—was the entry point
                                       for hackers who ultimately gained access to at least 45.7 million payment
                                       card records from both Marshall’s and other stores in the TJX organization.


                                       This is the most recently publicized incident involving retailers and
                                       wireless attacks. At least three other large-scale attacks have been
                                       reported in the press, and undoubtedly there are more that have not
                                       made headlines. As reported in the WSJ article, the law enforcement
                                       community believes that organized crime syndicates from Eastern
                                       Europe may be responsible for the TJX attack and several others.


                                       As Wireless Proliferates So Do the Threats
                                       Wireless computer networks are rapidly becoming universal. As a consumer-driven
                                       technology, wireless was developed to be simple to install, configure and use. It is that very
                                       simplicity, however, that has made it an easy attack vector. More than 95 percent of all
                                       laptop computers have wireless built-in; consumers use wireless routers at home to attach
                                       to their DSL or cable modems; cell phones and digital cameras are getting Wi-Fi enabled.
                                       For a retailer, this means that even if you are not deploying wireless LANs in your
                                       establishments, you have a wireless problem and you need a wireless security policy.

                                       Every retailer MUST protect itself and its customers from these attacks. This white paper
                                       will give some pointers and suggestions on how retailers can protect the most vulnerable
                                       locations—their stores—from wireless attacks.








                                       The Environment/The Challenge
                                       In most retail store environments, there are multiple, separate applications which IT may
                                       be supporting. For example:

                                          Inventory control

                                          Payroll

                                          Payment/transaction processing

                                          Telephony/phone calls

                                          Web-based applications (e.g., special orders)

                                          Video surveillance

                                       In a retail store, many of these applications may run over a wireless network—including
                                       inventory control, transaction data, voice, and video. The ideal store infrastructure—from
                                       a security perspective—is to isolate each of these applications from each other—both
                                       from a networking as well as from a server/storage perspective.

                                       However, from a cost perspective, the most efficient infrastructure combines all of the
                                       above onto one network and runs it all from a single server per store. Unfortunately, this
                                       exposes the retailer to the type of break-in that occurred at TJX.

                                       In most retail environments to date, cost has trumped security and compliance in
                                       terms of priorities and emphasis. Organizations that process, store, or transmit payment
                                       card data—virtually all retailers—must be Payment Card Industry Data Security Standard
                                       (PCI DSS)-compliant, or risk losing their ability to process credit and debit card payments.
                                       But the massive reach and financial consequences of well publicized attacks and PCI DSS
                                       are forcing retailers to seriously re-think these trade-offs. So how does a retailer address
                                       the wireless security risk?

                                       Three Wireless Security “Openings”
                                       To secure the stores, a retailer must understand that wireless creates three potential
                                       security holes or entry points into its network from the retail store environment.

                                       The first is a criminal breaking into the network via some existing wireless equipment in
                                       the store. For any store that has deployed wireless in any form—for in-store
                                       communications, bar code scanners, inventory readers, etc.—this is a major risk. Much of this
                                       legacy gear cannot support the latest strong encryption methods and, while some
                                       companies may claim they can add cloaking or masking to secure these devices,
                                       demonstrations using a WEP key cracking application have shown that cloaking may
                                       slow down hackers, but cannot stop them from breaking the key.

                                       The second is a ‘rogue’ wireless access point (AP) that gets installed without the retailer’s
                                       permission or knowledge. This may be installed by an employee who wants to use wireless
                                       in the store, it may be a hacker paying the janitor to install it, or it may be a vendor who
                                       visits the site, but it opens the network up to outside access.

                                       The third is an employee who wants to surf the Internet at lunch time but can’t
                                       do it on the store intranet, so he or she logs onto a neighboring wireless network
                                       (from another store in the mall, from a wireless hotspot, or from the neighbor across the
                                       street). When employees do this, anyone on that neighboring network can come back
                                       through that same connection into the store network and see all the data/resources
                                       that the employee can see.

                                       The common threat from these three scenarios is that an outsider can gain access to your
                                       internal network. What can happen next? The attacker can:

                                          Sniff out user IDs and passwords to gain access to other internal resources

                                          Profile the network and servers to figure out where the valuable data resides

                                          Plant software to get at that data

                                          And then go back and cover their tracks

                                       This is an abbreviated version of what appears to have happened at TJX.

                                       Even if a retailer has not installed wireless in its stores, it is exposed to these threats and
                                       potential losses over wireless connections. So, how can a retailer protect itself from
                                       these threats?

                                       Recommendations
                                       The first step, as with all security programs, is to define a Wireless Security Policy. This
                                       policy should address each of the three threat scenarios above. The wireless security
                                       policy should logically complement the wired network security policy. And as with any
                                       good security policy, you should define an enforcement and monitoring program for
                                       the wireless security policy.








                                       Employee training/education is another required element—to ensure that all the store
                                       employees understand the dangers of wireless and their responsibilities in maintaining
                                       the security of the store infrastructure.

                                       From a network perspective, establish separate virtual local area networks (VLANs) for
                                       the different applications running in the store, and firewall them off from each other.
                                       The most critical step, and this cannot be emphasized enough, is to keep the transaction
                                       data separate from all the other data, but it also makes sense to isolate the wireless
                                       traffic onto its own separate network(s). PCI DSS specifically calls for the use of firewalls
                                       to provide segmentation between wireless networks and networks used for
                                       point-of-sale transactions.
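
One way to check the segmentation described above, as an added example that is not part of the original white paper: it evaluates a first-match inter-VLAN firewall policy and reports every permitted flow that touches the point-of-sale zone or is not explicitly approved. The zone names, rule tuples, and severity labels are assumptions made for the illustration.

```python
"""Added example (not from the white paper): audit a first-match inter-VLAN
firewall policy for flows that break store segmentation.
Zone names, rulesets, and severity labels are constructed assumptions."""
from itertools import permutations

ZONES = ("pos", "wireless", "inventory", "voice", "video")
OTHER_PORT = 0  # stands for every port that no rule names explicitly
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2}

# Rules are (src_zone, dst_zone, port, action); "any" is a wildcard.
# Constructed policy with an ordering mistake: the broad allow on line 2
# is matched before the wireless -> pos deny on line 3.
MISORDERED = [
    ("wireless", "inventory", 443, "allow"),  # handheld scanners -> inventory app
    ("any", "pos", 443, "allow"),             # written too broadly
    ("wireless", "pos", "any", "deny"),       # never reached for port 443
    ("any", "any", "any", "deny"),
]

# Constructed corrected policy: isolation rules first, then the narrow allow.
SEGMENTED = [
    ("wireless", "pos", "any", "deny"),
    ("pos", "wireless", "any", "deny"),
    ("wireless", "inventory", 443, "allow"),
    ("any", "any", "any", "deny"),
]

# Flows the (hypothetical) store policy accepts on purpose.
APPROVED = frozenset({("wireless", "inventory", 443)})


def matches(field, value):
    return field == "any" or field == value


def decide(rules, src, dst, port):
    """First-match evaluation; traffic that matches no rule is dropped."""
    for r_src, r_dst, r_port, action in rules:
        if matches(r_src, src) and matches(r_dst, dst) and matches(r_port, port):
            return action
    return "deny"


def allowed_flows(rules):
    """Probe every ordered zone pair on each port a rule names, plus one
    representative port for 'everything else'."""
    ports = {r[2] for r in rules if r[2] != "any"} | {OTHER_PORT}
    return {
        (src, dst, port)
        for src, dst in permutations(ZONES, 2)
        for port in ports
        if decide(rules, src, dst, port) == "allow"
    }


def audit(rules, approved=frozenset()):
    """Return (severity, src, dst, port) for each permitted, unapproved flow."""
    findings = []
    for src, dst, port in allowed_flows(rules):
        if (src, dst, port) in approved:
            continue
        pair = {src, dst}
        if pair == {"wireless", "pos"}:
            severity = "critical"   # wireless can reach transaction systems
        elif "pos" in pair:
            severity = "high"       # transaction data not isolated
        else:
            severity = "medium"     # cross-zone flow nobody approved
        findings.append((severity, src, dst, port))
    return sorted(findings, key=lambda f: (SEVERITY_RANK[f[0]], f[1], f[2], f[3]))


if __name__ == "__main__":
    for name, rules in (("misordered", MISORDERED), ("segmented", SEGMENTED)):
        print(name)
        for finding in audit(rules, APPROVED) or ["  no findings"]:
            print("  ", finding)
```
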

                                       Then, from a wireless network infrastructure perspective, it is strongly recommended
                                       that you upgrade any wireless devices (scanners, laptops, PoS terminals, etc.) and APs in
                                       the store to use the strongest encryption standard. The industry has defined and
                                       implemented WPA2 as the strongest standard encryption for wireless. The two earlier standards,
                                       WEP and WPA, have been shown to be not very secure. Because migrating your equipment
                                       to this new standard may take time, you should rotate your encryption keys on a monthly
                                       basis at a minimum if you are still running the older standards. Although this is not a
                                       requirement of PCI DSS, and most retailers don’t do it, they should.

                                       The final step for wireless security is to periodically conduct a wireless vulnerability
                                       assessment of your network. Effective wireless vulnerability assessment should:

                                          Automatically scan for all known vulnerabilities enabling zero-day attack protection

                                          Accurately detect and locate existing and potential vulnerabilities without false positives

                                          Create an inventory of critical assets and unauthorized devices in the airspace

                                          Present the scan results in a concise, but informative report that classifies vulnerabilities,
                                          prioritizes them according to well-defined severity levels, summarizes the main findings,
                                          and recommends remedial actions

                                          Compare reports generated at different times

                                          Present a view of your global wireless security posture

                                          Map wireless vulnerabilities in the context of the relevant regulatory compliance

                                       A recommended best practice is to conduct a wireless vulnerability assessment of your
                                       network every 15 days.
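
A sketch of the classification and report-comparison steps listed above, as an added example that is not AirTight's product code or part of the original white paper: it inventories observed APs against an authorized list, flags the three openings the paper describes (weak encryption on store gear, rogue APs, employee clients on a neighboring network), and compares two scans taken 15 days apart. The record fields (`on_wire`, `clients`), MAC addresses, and severity mapping are assumptions.

```python
"""Added example (not from the white paper): classify wireless scan results
and compare two assessment reports. All records below are constructed."""
from typing import NamedTuple


class Finding(NamedTuple):
    severity: str
    kind: str
    device: str


SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "info": 3}
# Assumed severity mapping: the paper names WPA2 as the strongest standard
# and says WEP and WPA have been shown to be not very secure.
WEAK_ENCRYPTION = {"OPEN": "high", "WEP": "high", "WPA": "medium"}

# Constructed inventory of store-owned APs and client devices (MAC addresses).
AUTHORIZED_APS = {"02:00:00:00:00:01", "02:00:00:00:00:02"}
AUTHORIZED_CLIENTS = {"02:00:00:00:10:01", "02:00:00:00:10:02"}

# Constructed scans. "on_wire" is a hypothetical sensor field meaning the
# AP was also seen bridging onto the store's wired network.
SCAN_DAY_1 = [
    {"bssid": "02:00:00:00:00:01", "ssid": "store-pos", "enc": "WPA2",
     "on_wire": True, "clients": ["02:00:00:00:10:01"]},
    {"bssid": "02:00:00:00:00:02", "ssid": "store-scanners", "enc": "WEP",
     "on_wire": True, "clients": []},
    {"bssid": "02:00:00:00:AA:01", "ssid": "MallGuest", "enc": "OPEN",
     "on_wire": False, "clients": []},
]
SCAN_DAY_15 = [
    {"bssid": "02:00:00:00:00:01", "ssid": "store-pos", "enc": "WPA2",
     "on_wire": True, "clients": ["02:00:00:00:10:01"]},
    {"bssid": "02:00:00:00:00:02", "ssid": "store-scanners", "enc": "WPA2",
     "on_wire": True, "clients": []},
    {"bssid": "02:00:00:00:AA:01", "ssid": "MallGuest", "enc": "OPEN",
     "on_wire": False, "clients": ["02:00:00:00:10:02"]},
    {"bssid": "02:00:00:00:BB:01", "ssid": "linksys", "enc": "WPA2",
     "on_wire": True, "clients": []},
]


def ordered(findings):
    return sorted(findings, key=lambda f: (SEVERITY_RANK[f.severity], f.kind, f.device))


def assess(scan):
    """Turn raw AP observations into prioritized findings."""
    findings = set()
    for ap in scan:
        bssid = ap["bssid"].lower()
        if bssid in AUTHORIZED_APS:
            # Opening 1: store equipment still on a weak standard.
            severity = WEAK_ENCRYPTION.get(ap["enc"].upper())
            if severity:
                findings.add(Finding(severity, "weak-encryption", bssid))
            continue
        if ap["on_wire"]:
            # Opening 2: unknown AP attached to the store network.
            findings.add(Finding("critical", "rogue-ap", bssid))
        else:
            # Neighboring AP: inventory it, no action needed by itself.
            findings.add(Finding("info", "external-ap", bssid))
        for client in ap.get("clients", ()):
            # Opening 3: a store device associated to a non-store AP.
            if client.lower() in AUTHORIZED_CLIENTS:
                findings.add(Finding("high", "client-misassociation", client.lower()))
    return ordered(findings)


def compare(previous, current):
    """Diff two reports: what appeared, what was fixed, what is still open."""
    prev, curr = set(previous), set(current)
    return {
        "new": ordered(curr - prev),
        "resolved": ordered(prev - curr),
        "persisting": ordered(curr & prev),
    }


if __name__ == "__main__":
    report_1, report_15 = assess(SCAN_DAY_1), assess(SCAN_DAY_15)
    for label, items in compare(report_1, report_15).items():
        print(label)
        for finding in items:
            print("  ", finding.severity, finding.kind, finding.device)
```
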








                                       You can use wireless handhelds or freeware tools on a laptop to periodically conduct
                                       such wireless vulnerability assessments. However, this approach has many limitations:

                                          It is manual and takes a lot of coordination

                                          Consolidation of data and reporting is very difficult

                                          It consumes valuable IT resources

                                          It is hard to repeat very frequently

                                          It is very expensive. You pay for handhelds, IT resource time and travel.

                                          It is not scalable for large retailers with thousands of locations across the globe

                                       An alternative approach is to use an automated system for wireless vulnerability
                                       assessment. Such a system provides 24x7 scanning, automatic vulnerability classification and
                                       consolidated reporting on a global scale at a fraction of the cost of manual assessment
                                       with wireless handhelds.

                                       AirTight is the only wireless vulnerability management company to offer a flexible,
                                       end-to-end solution that gives retailers visibility into their wireless security posture—and
                                       choice in how they manage it.

                                       SpectraGuard Online offers retailers a cost-effective, unbundled Wireless Vulnerability
                                       Management solution, delivered through an on-demand Software-as-a-Service (SaaS)
                                       model. There is no capital investment and no product obsolescence—just a small monthly
                                       service fee. Organizations can grow organically and pay only for what they need. This
                                       modular solution includes:

                                          Vulnerability Assessment service providing 24x7 wireless scanning to detect wireless
                                          activities, identify threats, identify and prioritize all wireless devices, and allow
                                          wireless security posture assessment.

                                          Regulatory Compliance service providing wireless compliance assessment capabilities
                                          for regulatory compliance standards such as PCI DSS.

                                          Vulnerability Remediation service providing instant notification of wireless vulnerabilities
                                          via email, automated or manual remediation capabilities for common threats, ability
                                          to track the location of wireless threats on a floor map, and the ability to visualize
                                          wireless signal spillage from corporate APs.

                                       SpectraGuard Enterprise provides retailers with a complete wireless intrusion prevention
                                       system that automatically identifies and blocks WLAN security threats.








                                                               About AirTight Networks
                                                               AirTight Networks is the industry standard for wireless vulnerability management
                                                               and the only company that offers a flexible, end-to-end solution that gives customers
                                                               visibility into their wireless security posture and a choice in how they manage it. AirTight’s
                                                               SpectraGuard Enterprise provides a robust wireless intrusion prevention system (WIPS).
                                                               Its SpectraGuard Online service is the world’s first on demand wireless vulnerability
                                                               management service which provides a flexible approach to addressing wireless
                                                               vulnerabilities with no capital investment. AirTight’s patented technology delivers the key
                                                               elements of an effective WIPS to eliminate false alarms, block wireless threats immediately
                                                               and automatically and locate wireless devices and events with pinpoint precision. AirTight’s
                                                               customers include global retail, financial services, corporate, education and government
                                                               organizations. AirTight Networks is a privately held company based in Mountain View, CA.
                                                               For more information please visit www.airtightnetworks.com




Wireless Vulnerability Management
AirTight Networks, Inc. 339 N. Bernardo Avenue #200, Mountain View, CA 94043
T +1.877.424.7844 T 650.961.1111 F 650.961.1169 www.airtightnetworks.com info@airtightnetworks.com
© 2008 AirTight Networks, Inc. All rights reserved. AirTight Networks and the AirTight Networks logo are trademarks, and
AirTight and SpectraGuard are registered trademarks of AirTight Networks, Inc. All other trademarks mentioned herein are
properties of their respective owners. Specifications are subject to change without notice.

 
Survey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecuritySurvey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecurityAirTight Networks
 
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Networks
 
Non WiFi interference combat guide 1
Non WiFi interference combat guide 1Non WiFi interference combat guide 1
Non WiFi interference combat guide 1AirTight Networks
 
WPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsWPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsAirTight Networks
 
WPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesWPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesAirTight Networks
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseAirTight Networks
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseAirTight Networks
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
Skyjacking A Cisco Wlan Attack Analysis And Countermeasures
Skyjacking A Cisco Wlan Attack Analysis And CountermeasuresSkyjacking A Cisco Wlan Attack Analysis And Countermeasures
Skyjacking A Cisco Wlan Attack Analysis And CountermeasuresAirTight Networks
 

More from AirTight Networks (20)

Is 11ac Right for Your Network?
Is 11ac Right for Your Network?Is 11ac Right for Your Network?
Is 11ac Right for Your Network?
 
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
Air tight 11ac webinar series   session 2 - 11ac feature deep dive - june 2014Air tight 11ac webinar series   session 2 - 11ac feature deep dive - june 2014
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
 
Wi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise ThyselfWi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise Thyself
 
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
 
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
 
AirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSPAirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSP
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6
 
AirTight social wifi solution brief
AirTight social wifi solution briefAirTight social wifi solution brief
AirTight social wifi solution brief
 
Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan   data connectors 2013Considerations for a secure enterprise wlan   data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013
 
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
 
Survey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecuritySurvey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise Security
 
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
 
Non WiFi interference combat guide 1
Non WiFi interference combat guide 1Non WiFi interference combat guide 1
Non WiFi interference combat guide 1
 
WPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsWPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQs
 
WPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesWPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the Enterprise
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the Enterprise
 
802.11w Tutorial
802.11w Tutorial802.11w Tutorial
802.11w Tutorial
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
Skyjacking A Cisco Wlan Attack Analysis And Countermeasures
Skyjacking A Cisco Wlan Attack Analysis And CountermeasuresSkyjacking A Cisco Wlan Attack Analysis And Countermeasures
Skyjacking A Cisco Wlan Attack Analysis And Countermeasures
 

Recently uploaded

ppt on Myself, Occupation and my Interest
ppt on Myself, Occupation and my Interestppt on Myself, Occupation and my Interest
ppt on Myself, Occupation and my InterestNagaissenValaydum
 
大学假文凭《原版英国Imperial文凭》帝国理工学院毕业证制作成绩单修改
大学假文凭《原版英国Imperial文凭》帝国理工学院毕业证制作成绩单修改大学假文凭《原版英国Imperial文凭》帝国理工学院毕业证制作成绩单修改
大学假文凭《原版英国Imperial文凭》帝国理工学院毕业证制作成绩单修改atducpo
 
Albania Vs Spain Albania is Loaded with Defensive Talent on their Roster.docx
Albania Vs Spain Albania is Loaded with Defensive Talent on their Roster.docxAlbania Vs Spain Albania is Loaded with Defensive Talent on their Roster.docx
Albania Vs Spain Albania is Loaded with Defensive Talent on their Roster.docxWorld Wide Tickets And Hospitality
 
Call Girls in Dhaula Kuan 💯Call Us 🔝8264348440🔝
Call Girls in Dhaula Kuan 💯Call Us 🔝8264348440🔝Call Girls in Dhaula Kuan 💯Call Us 🔝8264348440🔝
Call Girls in Dhaula Kuan 💯Call Us 🔝8264348440🔝soniya singh
 
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best Female service 🦺
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best Female service  🦺CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best Female service  🦺
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best Female service 🦺anilsa9823
 
Tableaux 9ème étape circuit fédéral 2024
Tableaux 9ème étape circuit fédéral 2024Tableaux 9ème étape circuit fédéral 2024
Tableaux 9ème étape circuit fédéral 2024HechemLaameri
 
08448380779 Call Girls In Karol Bagh Women Seeking Men
08448380779 Call Girls In Karol Bagh Women Seeking Men08448380779 Call Girls In Karol Bagh Women Seeking Men
08448380779 Call Girls In Karol Bagh Women Seeking MenDelhi Call girls
 
Italy vs Albania Tickets: Italy's Quest for Euro Cup Germany History, Defendi...
Italy vs Albania Tickets: Italy's Quest for Euro Cup Germany History, Defendi...Italy vs Albania Tickets: Italy's Quest for Euro Cup Germany History, Defendi...
Italy vs Albania Tickets: Italy's Quest for Euro Cup Germany History, Defendi...Eticketing.co
 
JORNADA 4 LIGA MURO 2024TUXTEPEC1234.pdf
JORNADA 4 LIGA MURO 2024TUXTEPEC1234.pdfJORNADA 4 LIGA MURO 2024TUXTEPEC1234.pdf
JORNADA 4 LIGA MURO 2024TUXTEPEC1234.pdfArturo Pacheco Alvarez
 
Resultados del Campeonato mundial de Marcha por equipos Antalya 2024
Resultados del Campeonato mundial de Marcha por equipos Antalya 2024Resultados del Campeonato mundial de Marcha por equipos Antalya 2024
Resultados del Campeonato mundial de Marcha por equipos Antalya 2024Judith Chuquipul
 
Serbia vs England Vanja Milinkovic-Savic's Stellar Performance in Euro 2024 P...
Serbia vs England Vanja Milinkovic-Savic's Stellar Performance in Euro 2024 P...Serbia vs England Vanja Milinkovic-Savic's Stellar Performance in Euro 2024 P...
Serbia vs England Vanja Milinkovic-Savic's Stellar Performance in Euro 2024 P...Eticketing.co
 
Dubai Call Girls Bikni O528786472 Call Girls Dubai Ebony
Dubai Call Girls Bikni O528786472 Call Girls Dubai EbonyDubai Call Girls Bikni O528786472 Call Girls Dubai Ebony
Dubai Call Girls Bikni O528786472 Call Girls Dubai Ebonyhf8803863
 
Atlanta Dream Exec Dan Gadd on Driving Fan Engagement and Growth, Serving the...
Atlanta Dream Exec Dan Gadd on Driving Fan Engagement and Growth, Serving the...Atlanta Dream Exec Dan Gadd on Driving Fan Engagement and Growth, Serving the...
Atlanta Dream Exec Dan Gadd on Driving Fan Engagement and Growth, Serving the...Neil Horowitz
 
( Sports training) All topic (MCQs).pptx
( Sports training) All topic (MCQs).pptx( Sports training) All topic (MCQs).pptx
( Sports training) All topic (MCQs).pptxParshotamGupta1
 
TAM Sports_IPL 17 Till Match 37_Celebrity Endorsement _Report.pdf
TAM Sports_IPL 17 Till Match 37_Celebrity Endorsement _Report.pdfTAM Sports_IPL 17 Till Match 37_Celebrity Endorsement _Report.pdf
TAM Sports_IPL 17 Till Match 37_Celebrity Endorsement _Report.pdfSocial Samosa
 
大学学位办理《原版美国USD学位证书》圣地亚哥大学毕业证制作成绩单修改
大学学位办理《原版美国USD学位证书》圣地亚哥大学毕业证制作成绩单修改大学学位办理《原版美国USD学位证书》圣地亚哥大学毕业证制作成绩单修改
大学学位办理《原版美国USD学位证书》圣地亚哥大学毕业证制作成绩单修改atducpo
 
🔝|97111༒99012🔝 Call Girls In {Delhi} Cr Park ₹5.5k Cash Payment With Room De...
🔝|97111༒99012🔝 Call Girls In  {Delhi} Cr Park ₹5.5k Cash Payment With Room De...🔝|97111༒99012🔝 Call Girls In  {Delhi} Cr Park ₹5.5k Cash Payment With Room De...
🔝|97111༒99012🔝 Call Girls In {Delhi} Cr Park ₹5.5k Cash Payment With Room De...Diya Sharma
 
Croatia vs Albania Clash of Euro Cup 2024 Squad Preparations and Euro Cup Dre...
Croatia vs Albania Clash of Euro Cup 2024 Squad Preparations and Euro Cup Dre...Croatia vs Albania Clash of Euro Cup 2024 Squad Preparations and Euro Cup Dre...
Croatia vs Albania Clash of Euro Cup 2024 Squad Preparations and Euro Cup Dre...Eticketing.co
 

Recently uploaded (20)

ppt on Myself, Occupation and my Interest
ppt on Myself, Occupation and my Interestppt on Myself, Occupation and my Interest
ppt on Myself, Occupation and my Interest
 
大学假文凭《原版英国Imperial文凭》帝国理工学院毕业证制作成绩单修改
大学假文凭《原版英国Imperial文凭》帝国理工学院毕业证制作成绩单修改大学假文凭《原版英国Imperial文凭》帝国理工学院毕业证制作成绩单修改
大学假文凭《原版英国Imperial文凭》帝国理工学院毕业证制作成绩单修改
 
Albania Vs Spain Albania is Loaded with Defensive Talent on their Roster.docx
Albania Vs Spain Albania is Loaded with Defensive Talent on their Roster.docxAlbania Vs Spain Albania is Loaded with Defensive Talent on their Roster.docx
Albania Vs Spain Albania is Loaded with Defensive Talent on their Roster.docx
 
Call Girls in Dhaula Kuan 💯Call Us 🔝8264348440🔝
Call Girls in Dhaula Kuan 💯Call Us 🔝8264348440🔝Call Girls in Dhaula Kuan 💯Call Us 🔝8264348440🔝
Call Girls in Dhaula Kuan 💯Call Us 🔝8264348440🔝
 
Call Girls In RK Puram 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In RK Puram 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In RK Puram 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In RK Puram 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best Female service 🦺
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best Female service  🦺CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best Female service  🦺
CALL ON ➥8923113531 🔝Call Girls Saharaganj Lucknow best Female service 🦺
 
Tableaux 9ème étape circuit fédéral 2024
Tableaux 9ème étape circuit fédéral 2024Tableaux 9ème étape circuit fédéral 2024
Tableaux 9ème étape circuit fédéral 2024
 
Call Girls 🫤 Paharganj ➡️ 9999965857 ➡️ Delhi 🫦 Russian Escorts FULL ENJOY
Call Girls 🫤 Paharganj ➡️ 9999965857  ➡️ Delhi 🫦  Russian Escorts FULL ENJOYCall Girls 🫤 Paharganj ➡️ 9999965857  ➡️ Delhi 🫦  Russian Escorts FULL ENJOY
Call Girls 🫤 Paharganj ➡️ 9999965857 ➡️ Delhi 🫦 Russian Escorts FULL ENJOY
 
08448380779 Call Girls In Karol Bagh Women Seeking Men
08448380779 Call Girls In Karol Bagh Women Seeking Men08448380779 Call Girls In Karol Bagh Women Seeking Men
08448380779 Call Girls In Karol Bagh Women Seeking Men
 
Italy vs Albania Tickets: Italy's Quest for Euro Cup Germany History, Defendi...
Italy vs Albania Tickets: Italy's Quest for Euro Cup Germany History, Defendi...Italy vs Albania Tickets: Italy's Quest for Euro Cup Germany History, Defendi...
Italy vs Albania Tickets: Italy's Quest for Euro Cup Germany History, Defendi...
 
JORNADA 4 LIGA MURO 2024TUXTEPEC1234.pdf
JORNADA 4 LIGA MURO 2024TUXTEPEC1234.pdfJORNADA 4 LIGA MURO 2024TUXTEPEC1234.pdf
JORNADA 4 LIGA MURO 2024TUXTEPEC1234.pdf
 
Resultados del Campeonato mundial de Marcha por equipos Antalya 2024
Resultados del Campeonato mundial de Marcha por equipos Antalya 2024Resultados del Campeonato mundial de Marcha por equipos Antalya 2024
Resultados del Campeonato mundial de Marcha por equipos Antalya 2024
 
Serbia vs England Vanja Milinkovic-Savic's Stellar Performance in Euro 2024 P...
Serbia vs England Vanja Milinkovic-Savic's Stellar Performance in Euro 2024 P...Serbia vs England Vanja Milinkovic-Savic's Stellar Performance in Euro 2024 P...
Serbia vs England Vanja Milinkovic-Savic's Stellar Performance in Euro 2024 P...
 
Dubai Call Girls Bikni O528786472 Call Girls Dubai Ebony
Dubai Call Girls Bikni O528786472 Call Girls Dubai EbonyDubai Call Girls Bikni O528786472 Call Girls Dubai Ebony
Dubai Call Girls Bikni O528786472 Call Girls Dubai Ebony
 
Atlanta Dream Exec Dan Gadd on Driving Fan Engagement and Growth, Serving the...
Atlanta Dream Exec Dan Gadd on Driving Fan Engagement and Growth, Serving the...Atlanta Dream Exec Dan Gadd on Driving Fan Engagement and Growth, Serving the...
Atlanta Dream Exec Dan Gadd on Driving Fan Engagement and Growth, Serving the...
 
( Sports training) All topic (MCQs).pptx
( Sports training) All topic (MCQs).pptx( Sports training) All topic (MCQs).pptx
( Sports training) All topic (MCQs).pptx
 
TAM Sports_IPL 17 Till Match 37_Celebrity Endorsement _Report.pdf
TAM Sports_IPL 17 Till Match 37_Celebrity Endorsement _Report.pdfTAM Sports_IPL 17 Till Match 37_Celebrity Endorsement _Report.pdf
TAM Sports_IPL 17 Till Match 37_Celebrity Endorsement _Report.pdf
 
大学学位办理《原版美国USD学位证书》圣地亚哥大学毕业证制作成绩单修改
大学学位办理《原版美国USD学位证书》圣地亚哥大学毕业证制作成绩单修改大学学位办理《原版美国USD学位证书》圣地亚哥大学毕业证制作成绩单修改
大学学位办理《原版美国USD学位证书》圣地亚哥大学毕业证制作成绩单修改
 
🔝|97111༒99012🔝 Call Girls In {Delhi} Cr Park ₹5.5k Cash Payment With Room De...
🔝|97111༒99012🔝 Call Girls In  {Delhi} Cr Park ₹5.5k Cash Payment With Room De...🔝|97111༒99012🔝 Call Girls In  {Delhi} Cr Park ₹5.5k Cash Payment With Room De...
🔝|97111༒99012🔝 Call Girls In {Delhi} Cr Park ₹5.5k Cash Payment With Room De...
 
Croatia vs Albania Clash of Euro Cup 2024 Squad Preparations and Euro Cup Dre...
Croatia vs Albania Clash of Euro Cup 2024 Squad Preparations and Euro Cup Dre...Croatia vs Albania Clash of Euro Cup 2024 Squad Preparations and Euro Cup Dre...
Croatia vs Albania Clash of Euro Cup 2024 Squad Preparations and Euro Cup Dre...
 

Retail Stores and Wireless Security—Recommendations

  • 1. AIRTIGHT NETWORKS WHITE PAPER Retail Stores and Wireless Security—Recommendations A White Paper by AirTight Networks, Inc. 339 N. Bernardo Avenue, Suite 200, Mountain View, CA 94043 www.airtightnetworks.com © 2008 AirTight Networks, Inc. All rights reserved.
  • 2. On May 4, 2007, The Wall Street Journal reported that a Marshall’s store in St. Paul, Minnesota—with a wireless vulnerability—was the entry point for hackers who ultimately gained access to at least 45.7 million payment card records from both Marshall’s and other stores in the TJX organization.

    This is the most recently publicized incident involving retailers and wireless attacks. At least three other large-scale attacks have been reported in the press, and undoubtedly there are more that have not made headlines. As reported in the WSJ article, the law enforcement community believes that organized crime syndicates from Eastern Europe may be responsible for the TJX attack and several others.

    As Wireless Proliferates So Do the Threats

    Wireless computer networks are rapidly becoming universal. As a consumer-driven technology, wireless was developed to be simple to install, configure and use. It is that very simplicity, however, that has made it an easy attack vector. More than 95 percent of all laptop computers have wireless built-in; consumers use wireless routers at home to attach to their DSL or cable modems; cell phones and digital cameras are getting Wi-Fi enabled.

    For a retailer, this means that even if you are not deploying wireless LANs in your establishments, you have a wireless problem and you need a wireless security policy. Every retailer MUST protect itself and its customers from these attacks. This white paper will give some pointers and suggestions on how retailers can protect the most vulnerable locations—their stores—from wireless attacks.
  • 3. The Environment/The Challenge

    In most retail store environments, there are multiple, separate applications which IT may be supporting. For example:

    - Inventory control
    - Payroll
    - Payment/transaction processing
    - Telephony/phone calls
    - Web-based applications (e.g., special orders)
    - Video surveillance

    In a retail store, many of these applications may run over a wireless network, including inventory control, transaction data, voice, and video.

    The ideal store infrastructure, from a security perspective, isolates each of these applications from the others, both from a networking and from a server/storage perspective. However, from a cost perspective, the most efficient infrastructure combines all of the above onto one network and runs it all from a single server per store. Unfortunately, this exposes the retailer to the type of break-in that occurred at TJX.

    In most retail environments to date, cost has trumped security and compliance in terms of priorities and emphasis. Organizations that process, store, or transmit payment card data—virtually all retailers—must be Payment Card Industry Data Security Standard (PCI DSS) compliant, or risk losing their ability to process credit and debit card payments. But the massive reach and financial consequences of well publicized attacks and PCI DSS are forcing retailers to seriously re-think these trade-offs. So how does a retailer address the wireless security risk?

    Three Wireless Security “Openings”

    To secure the stores, a retailer must understand that wireless creates three potential security holes or entry points into its network from the retail store environment.

    The first is a criminal breaking into the network via some existing wireless equipment in the store. For any store that has deployed wireless in any form—for in-store communications, bar code scanners, inventory readers, etc.—this is a major risk.
  • 4. Much of this legacy gear cannot support the latest strong encryption methods and, while some companies may claim they can add cloaking or masking to secure these devices, demonstrations using a WEP key cracking application have shown that cloaking may slow down hackers, but cannot stop them from breaking the key.

    The second is a ‘rogue’ wireless access point (AP) that gets installed without the retailer’s permission or knowledge. This may be installed by an employee who wants to use wireless in the store, it may be a hacker paying the janitor to install it, or it may be a vendor who visits the site, but it opens the network up to outside access.

    The third is an employee who wants to surf the Internet at lunch time, but who can’t do it on the store intranet, so he or she logs onto a neighboring wireless network (from another store in the mall, from a wireless hotspot, or from the neighbor across the street). When employees do this, anyone on that neighboring network can come back through that same connection into the store network and see all the data and resources that the employee can see.

    The common threat from these three scenarios is that an outsider can gain access to your internal network. What can happen next? The attacker can:

    - Sniff out user IDs and passwords to gain access to other internal resources
    - Profile the network and servers to figure out where the valuable data resides
    - Plant software to get at that data
    - And then go back and cover their tracks

    This is an abbreviated version of what appears to have happened at TJX. Even if a retailer has not installed wireless in its stores, it is exposed to these threats and potential losses over wireless connections. So, how can a retailer protect itself from these threats?

    Recommendations

    The first step, as with all security programs, is to define a Wireless Security Policy. This policy should address each of the three threat scenarios above. The wireless security policy should logically complement the wired network security policy. And as with any good security policy, you should define an enforcement and monitoring program for the wireless security policy.
  • 5. Employee training/education is another required element—to ensure that all the store employees understand the dangers of wireless and their responsibilities in maintaining the security of the store infrastructure.

    From a network perspective, establish separate virtual local area networks (VLANs) for the different applications running in the store—and firewall them off from each other. The most critical step, and this cannot be emphasized enough, is to keep the transaction data separate from all the other data, but it also makes sense to isolate the wireless traffic onto its own separate network(s). PCI DSS specifically calls for the use of firewalls to provide segmentation between wireless networks and networks used for point-of-sale transactions.

    Then, from a wireless network infrastructure perspective, it is strongly recommended that you upgrade any wireless devices (scanners, laptops, PoS terminals, etc.) and APs in the store to use the strongest encryption standard. The industry has defined and implemented WPA2 as the strongest standard encryption for wireless. The two earlier standards, WEP and WPA, have been shown to be not very secure. Because migrating your equipment to this new standard may take time, you should rotate your encryption keys on a monthly basis at a minimum if you are still running the older standards. Although this is not a requirement of PCI DSS, and most retailers don’t do it, they should.

    The final step for wireless security is to periodically conduct a wireless vulnerability assessment of your network. Effective wireless vulnerability assessment should:

    - Automatically scan for all known vulnerabilities enabling zero-day attack protection
    - Accurately detect and locate existing and potential vulnerabilities without false positives
    - Create an inventory of critical assets and unauthorized devices in the airspace
    - Present the scan results in a concise, but informative report that classifies vulnerabilities, prioritizes them according to well-defined severity levels, summarizes the main findings, and recommends remedial actions
    - Compare reports generated at different times
    - Present a view of your global wireless security posture
    - Map wireless vulnerabilities in the context of the relevant regulatory compliance

    A recommended best practice is to conduct a wireless vulnerability assessment of your network every 15 days.
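The three openings described earlier and the assessment criteria above (an inventory of authorized and unauthorized devices, severity levels, comparison of reports over time) can be sketched as a small classifier. This is an added example, not AirTight's code or product logic; the scan record fields, the `on_wired_lan` flag, the severity names, and all MAC addresses and SSIDs are constructed assumptions.

```python
"""Classify a store wireless scan into the paper's three openings and diff two scans."""
from dataclasses import dataclass

# WPA2 is the target standard; open, WEP and WPA networks count as weak here.
WEAK_ENCRYPTION = {"OPEN", "WEP", "WPA"}
SEVERITY_ORDER = {"critical": 0, "high": 1}


@dataclass(frozen=True)
class AccessPoint:
    bssid: str
    ssid: str
    encryption: str     # "OPEN", "WEP", "WPA" or "WPA2"
    on_wired_lan: bool  # assumption: the scanner can tell whether the AP bridges to the store LAN


@dataclass(frozen=True)
class Finding:
    severity: str
    category: str
    device: str         # BSSID or client MAC the finding is about
    detail: str


def assess(aps, associations, authorized_bssids, store_clients):
    """Return findings, most severe first. associations holds (client_mac, bssid) pairs."""
    ssid_of = {ap.bssid: ap.ssid for ap in aps}
    findings = []
    for ap in aps:
        if ap.bssid in authorized_bssids:
            # Opening 1: the store's own equipment still runs weak encryption.
            if ap.encryption.upper() in WEAK_ENCRYPTION:
                findings.append(Finding("high", "weak-encryption", ap.bssid,
                                        f"authorized AP '{ap.ssid}' uses {ap.encryption}"))
        elif ap.on_wired_lan:
            # Opening 2: an AP nobody approved is attached to the store network.
            findings.append(Finding("critical", "rogue-ap", ap.bssid,
                                    f"unapproved AP '{ap.ssid}' is connected to the store LAN"))
        # Any other unknown AP is a neighbor (mall, hotspot): inventoried, not flagged,
        # so a busy airspace does not produce false positives.
    for client, bssid in associations:
        # Opening 3: a store device joined a network the store does not control.
        if client in store_clients and bssid not in authorized_bssids:
            findings.append(Finding("high", "client-misassociation", client,
                                    f"store device joined '{ssid_of.get(bssid, 'unknown')}' ({bssid})"))
    return sorted(findings, key=lambda f: (SEVERITY_ORDER[f.severity], f.category, f.device))


def compare(previous, current):
    """Diff two assessments: findings that are new, and findings that were remediated."""
    prev_keys = {(f.category, f.device) for f in previous}
    cur_keys = {(f.category, f.device) for f in current}
    new = [f for f in current if (f.category, f.device) not in prev_keys]
    resolved = [f for f in previous if (f.category, f.device) not in cur_keys]
    return new, resolved


# Constructed sample data (locally administered MACs, made-up SSIDs).
AUTHORIZED = {"02:00:00:00:00:01", "02:00:00:00:00:02"}
STORE_CLIENTS = {"02:00:00:00:10:01", "02:00:00:00:10:02"}

SCAN_1_APS = [
    AccessPoint("02:00:00:00:00:01", "STORE-POS", "WPA2", True),
    AccessPoint("02:00:00:00:00:02", "STORE-SCANNERS", "WEP", True),
    AccessPoint("02:00:00:00:00:0a", "linksys", "OPEN", True),
    AccessPoint("02:00:00:00:00:0b", "MALL-CAFE", "OPEN", False),
]
SCAN_1_ASSOC = [("02:00:00:00:10:01", "02:00:00:00:00:01"),
                ("02:00:00:00:10:02", "02:00:00:00:00:0b")]

# Second scan: scanners upgraded, first rogue removed, a new unapproved AP appeared.
SCAN_2_APS = [
    AccessPoint("02:00:00:00:00:01", "STORE-POS", "WPA2", True),
    AccessPoint("02:00:00:00:00:02", "STORE-SCANNERS", "WPA2", True),
    AccessPoint("02:00:00:00:00:0b", "MALL-CAFE", "OPEN", False),
    AccessPoint("02:00:00:00:00:0c", "printer-setup", "WPA2", True),
]
SCAN_2_ASSOC = SCAN_1_ASSOC


def run_example():
    first = assess(SCAN_1_APS, SCAN_1_ASSOC, AUTHORIZED, STORE_CLIENTS)
    second = assess(SCAN_2_APS, SCAN_2_ASSOC, AUTHORIZED, STORE_CLIENTS)
    return first, second, compare(first, second)


if __name__ == "__main__":
    first, second, (new, resolved) = run_example()
    for label, items in (("scan 1", first), ("scan 2", second), ("new", new), ("resolved", resolved)):
        print(label)
        for f in items:
            print(f"  [{f.severity}] {f.category} {f.device}: {f.detail}")
```

The neighboring `MALL-CAFE` AP never appears as a finding on its own; it only matters once a store device associates with it, which is the third opening.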
  • 6. You can use wireless handhelds or freeware tools on a laptop to periodically conduct such wireless vulnerability assessments. However, this approach has many limitations:

    - It is manual and takes a lot of coordination
    - Consolidation of data and reporting is very difficult
    - It consumes valuable IT resources
    - It is hard to repeat very frequently
    - It is very expensive. You pay for handhelds, IT resource time and travel.
    - It is not scalable for large retailers with thousands of locations across the globe

    An alternative approach is to use an automated system for wireless vulnerability assessment. Such a system provides 24x7 scanning, automatic vulnerability classification and consolidated reporting on a global scale at a fraction of the cost of manual assessment with wireless handhelds.

    AirTight is the only wireless vulnerability management company to offer a flexible, end-to-end solution that gives retailers visibility into their wireless security posture—and choice in how they manage it.

    SpectraGuard Online offers retailers a cost-effective, unbundled Wireless Vulnerability Management solution, delivered through an on-demand Software-as-a-Service (SaaS) model. There is no capital investment and no product obsolescence—just a small monthly service fee. Organizations can grow organically and pay only for what they need. This modular solution includes:

    - Vulnerability Assessment service providing 24x7 wireless scanning to detect wireless activities, identify threats, identify and prioritize all wireless devices, and allow wireless security posture assessment.
    - Regulatory Compliance service providing wireless compliance assessment capabilities for regulatory compliance standards such as PCI DSS.
    - Vulnerability Remediation service providing instant notification of wireless vulnerabilities via email, automated or manual remediation capabilities for common threats, ability to track the location of wireless threats on a floor map, and the ability to visualize wireless signal spillage from corporate APs.

    SpectraGuard Enterprise provides retailers with a complete wireless intrusion prevention system that automatically identifies and blocks WLAN security threats.
  • 7. About AirTight Networks

    AirTight Networks is the industry standard for wireless vulnerability management and the only company that offers a flexible, end-to-end solution that gives customers visibility into their wireless security posture and a choice in how they manage it. AirTight’s SpectraGuard Enterprise provides a robust wireless intrusion prevention system (WIPS). Its SpectraGuard Online service is the world’s first on demand wireless vulnerability management service which provides a flexible approach to addressing wireless vulnerabilities with no capital investment. AirTight’s patented technology delivers the key elements of an effective WIPS to eliminate false alarms, block wireless threats immediately and automatically and locate wireless devices and events with pinpoint precision. AirTight’s customers include global retail, financial services, corporate, education and government organizations. AirTight Networks is a privately held company based in Mountain View, CA. For more information please visit www.airtightnetworks.com

    Wireless Vulnerability Management
    AirTight Networks, Inc. 339 N. Bernardo Avenue #200, Mountain View, CA 94043
    T +1.877.424.7844 T 650.961.1111 F 650.961.1169
    www.airtightnetworks.com info@airtightnetworks.com

    © 2008 AirTight Networks, Inc. All rights reserved. AirTight Networks and the AirTight Networks logo are trademarks, and AirTight and SpectraGuard are registered trademarks of AirTight Networks, Inc. All other trademarks mentioned herein are properties of their respective owners. Specifications are subject to change without notice.