Archive for June, 2009

Unsecured WiFi costs TJX 9.75 million dollars in settlements

June 29th, 2009

About two and a half years after the TJX debacle shook the retail industry, TJX reached a settlement with 41 US states that cost it $9.75 million. This is only part of the cost TJX is paying for ignoring its WiFi security. According to Reuters, the company is said to have set aside a reserve fund of $107 million to cover losses. As a part of the settlement, TJX has agreed to meet “contemporary standards” of data security, which includes upgrading its WiFi security.

This unprecedented security breach and the aftermath have, once again, brought to light the risks from unsecured WiFi networks. The PCI Security Standards Council responded well with new wireless security requirements in version 1.2 of its Data Security Standard (PCI DSS 1.2). The intent is there. Let’s hope that the PCI guidelines get transferred from paper into practice and history does not repeat itself!

Kaustubh Phanse Best practices, Compliance, PCI, Wireless security

Defending Against Zero Day Attacks in WLANs

June 26th, 2009

Zero Day Attack is an exotic name for hacks which will be realized in the future and which we don’t know about today. Conventionally, it is believed that a zero day attack will create some anomaly in the network behavior and hence some form of anomaly detector can provide protection from zero day attacks. However, there have always been practical difficulties in implementing a robust anomaly detector. Fortunately for 802.11 WLANs, there is also an alternative viable way to defend against zero day attacks.

Hemant Chaskar Best practices, Wireless security

Wireless PCI scanning debate

June 20th, 2009

Interesting post on CWNP back in March. 

Douglas Haider compares the pros and cons of quarterly wireless vulnerability scanning vs. a full time wireless IPS to satisfy PCI DSS compliance requirement 11.1.  Douglas writes:

“This requirement begs me to ask which is the “better” option? Quarterly manual scans or a wireless IDS/IPS?

Maybe it’s the former IT auditor in me, but I think the best way to meet this requirement is by deploying a wireless IDS/IPS.”

http://www.cwnp.com/community/articles/wireless_requirements_of_the_payment_card_industry.html

I agree: if the goal of PCI is securing cardholder data, then quarterly scanning can’t be taken seriously. Cost is obviously the biggest issue for merchants with multiple locations. But surely a hosted wireless scanning service with a low monthly fee would be cheaper AND provide round the clock security, wouldn’t it?

Hmmm… see my post AirTight on “Cloud Nine”.

Mike Baglietto Best practices, Compliance, PCI, Wireless scanning, Wireless security

AirTight on “Cloud Nine”

June 20th, 2009

Devin Akin wrote a short post about AirTight SpectraGuard Online on CWNP.  He likes our hosted wireless IPS service and seems to think we are on to something!   Now how can I argue with the man. http://www.cwnp.com/community/articles/on_cloud_nine.html

Mike Baglietto Compliance, PCI, Wireless scanning, Wireless security

Using neighborhood wi-fi to get kids into the car

June 16th, 2009

My 12 yr old son was fiddling with his iTouch in the back seat of the car last week when it finally dawned on him that he could see several available wi-fi networks in our neighborhood from the front of the house. “Hey, I can connect to Marci’s wi-fi! Can we sit in the driveway for a couple minutes so I can download some songs?”

Hmm.. Maybe I can use this to my advantage to get the kids in the car so we can actually be someplace on time.  “Hey kids, better hurry, you only have 3 minutes to download songs before we go to the dentist.”

Mike Baglietto Wireless gadgets

Live Alerts: A Unique Addition to AirTight's WIPS functionality

June 16th, 2009

Live Alerts helps system administrators to quickly identify the ongoing vulnerabilities and performance related issues in an enterprise Wi-Fi deployment.

Before Live Alerts, it was very difficult for an administrator to identify the ongoing threats from the list of reported threats/anomalies. However, with the introduction of Live Alerts, he can now easily distinguish and prioritize between ongoing and past threats/anomalies.

Introduction:

Realizing mobility advantages in businesses, Wi-Fi is increasingly being deployed in corporate premises. However, due to the nature of Wi-Fi technology, an administrator has to face certain security and performance challenges while managing the corporate Wi-Fi space.

Ajay Gupta Wireless security

Webinar – Effective Strategies for Evaluating WLAN Security

June 15th, 2009
Date: Tuesday, June 16, 2009
Time: 11:00 AM, Pacific Daylight Time (San Francisco, GMT-07:00)

This informative Webinar offers a practical guide for selecting a WLAN security solution.
Dr. Hemant Chaskar, Director of Technology at AirTight Networks explains the prevalent methods for wireless access point detection and classification.

Attendees will learn:

  • The difference between active and passive approaches to wireless intrusion prevention
  • The core capabilities of different approaches to wireless intrusion prevention
  • What to look for when testing systems to assure that there are no gaps in WLAN security
  • How to judge when you need more capabilities than you currently have
After the event, attendees will receive a sample test plan to help plan their own comparative testing among vendors.

Della Lowe WLAN planning, Wireless security

Voice Mobility powered by Wi-Fi Telephony

June 15th, 2009

Wi-Fi telephony is the upcoming technology that can be set up on an existing enterprise Wi-Fi network and empowers enterprises with voice mobility benefits in an easy, scalable and cost-effective way.

Increased deployment of superior Wi-Fi networks to achieve wireless data access and increased adoption of VoIP technologies to make cost-effective calls have led the concept of Wi-Fi telephony to emerge in recent years.

With Wi-Fi telephony in place, voice mobility can be achieved in an easy to use and inexpensive way. Voice mobility in general refers to flexibility for users to make telephone calls from any place within a premise. Enterprise premises empowered with voice mobility have more productive employees, increased employee convenience and improved business processes resulting in faster decision making, increased responsiveness and greater overall productivity and efficiency.

Ajay Gupta Wireless gadgets

Number of antennas on AP – bellwethers of WLAN technology generation

June 10th, 2009

Early 802.11b APs used to have 1 antenna on them, which later became 2 in the 802.11g/a era, and which has now become 3 or 6 in the current 802.11n era. So why does the number of antennas keep changing as WLAN technology advances to each next generation?

Hemant Chaskar 802.11n, Wireless gadgets

TKIP Primer on Security Tube

June 8th, 2009

Michael is the Message Integrity Code adopted by the TKIP standard. Michael is actually a weak code which uses simple addition and shift operations, which are computationally less expensive, but strong enough as an intermediate solution from WEP. Michael was chosen as the MIC in TKIP so that already deployed low end Access Points can also be software upgraded to TKIP without any hardware change. This video explains the working of the MIC in TKIP.

Della Lowe Wireless security