Archive for the ‘PCI’ Category

Will Target Breach Prompt Retailers to Raise the Security Bar?

January 8th, 2014

Did 2013 have to end with the somber news of a big credit card security breach? But it did! It is reported that 40 million credit cards were compromised in the security breach in stores of a major U.S. retailer Target. This is only a shade second to the earlier TJX breach in which 45 million credit cards were compromised. (After this blog was published, it was reported that the number of affected accounts in the Target breach is as high as 110 million, which would make it more that double the TJX breach!)

After any breach, and surely after the breach of such dimension, discussion on the data security issues at the retailers escalates. Earlier, the TJX breach resulted in stricter wireless PCI (Payment Card Industry) compliance requirements. The current Target breach can also trigger tightening of the compliance requirements. This breach may also prompt IT, security and compliance managers at major retailers to take a hard look at the information security aspects of the various technologies that they have deployed. Add to it the fact that retailers are aggressively deploying mobile and wireless technologies like POS, kiosks and tablets in stores. What are some of the core issues they should be looking at?

Read more…

Compliance, PCI, Retail , , , , , , , ,

Going Beyond the Checkmark: All Things PCI

June 27th, 2013

Airtight automated PCI compliance reporting

by Lina Arseneault


AirTight’s compliance with the PCI Data Security Standards (DSS) continues to be at the heart of our initiatives to secure the retail environment. We remain focused on enhancing and going beyond the standards, which has been our mission since day one.

Lately we’ve been upping our PCI activities. Check out our latest thinking and developments now and upcoming :




8 Steps to Secure Retail Wi-Fi | AirTight INFOGRAPHIC
8 Steps to Secure Retail Wi-Fi | AirTight INFOGRAPHIC

AirTightPCI Infographic


Get a quick snapshot of the 8 critical factors that must be addressed to secure, scale and manage your retail Wi-Fi locations.  View the AirTightPCI Infographic.


AirTightPCI Audio ebook

Listen to AirTightPCI ebook

Listen to AirTightPCI ebook


Satisfying your PCI compliance and data security requirements is complex enough, but adding wireless vulnerability scanning and remediation shouldn’t add any more effort or expense. Here are 8 considerations for choosing your wireless PCI compliance solution.


Listen to the AirTightPCI audio ebook - the companion piece to the  infogrpahic.


Read more…


Why retailers embrace cloud for Wi-Fi access, PCI and wireless security

June 26th, 2012

Retailers are increasingly looking to deploy Wi-Fi in their stores. They want to provide guest Wi-Fi to their patrons and also want to deploy in-store applications such as wireless POS and printers, wireless kiosks, wireless digital signage, and HQ network access over Wi-Fi. Coupled with these business drivers there is also a wireless PCI compliance requirement to protect credit card transactions. Retailers however face some unique challenges which were hitherto not met by traditional autonomous or controller Wi-Fi solutions. Now cloud managed Wi-Fi has made it quite feasible for them to achieve these goals.
Read more…

PCI, Retail, WiFi Access, Wireless security

AirTight satisfies PCI wireless scanning requirement in under 5 minutes

April 1st, 2010

Wireless PCI Compliance in just 5 Minutes

This new product video from AirTight Networks shows how easy it is to automate your wireless PCI vulnerability scanning. AirTight SpectraGuard Online can be configured and running in as little as 5 minutes and 3 easy steps. AirTight eliminates the need to send staff to remote locations with a mobile analyzer to conduct the routine PCI scan for rogue APs. IT professionals should find this refreshing.

Watch AirTight’s wireless PCI scanning video

PCI, Wireless security

Cost Stifles PCI DSS Compliance, Many Perceive Wireless as Top Threat: New Survey Finds

September 27th, 2009

An interesting survey on PCI DSS compliance was recently published by the Ponemon Institute.  There are many interesting findings in the survey some of which I summarize here.

One thing that strongly comes out is that though PCI DSS compliance is perceived as contributing to an organization’s security posture, cost factors are pestering. 60% of the respondents have said that they do not have sufficient resources to manage PCI DSS compliance even though it seems they are spending one third of their security budget on PCI DSS compliance. Another interesting and equally troubling data point that comes out of the survey is that 71% respondents say that their organizations do not have data security as enterprise level strategic initiative. No wonder TJX type breaches happen!

The data security problem is going to only get harder in the future as new networking technologies evolve; most notably wireless and Web2.0. In fact, already 38% percent respondents in the survey have said that that they think the most serious security threats are located in wireless devices. Rightly, PCI DSS has also added wireless scanning control into the compliance pack.

So it is clear that we need low-overhead enablers for organizations to achieve and maintain PCI DSS compliance. At least for wireless PCI DSS compliance, we at AirTight have developed a hosted wireless scanning solution to make PCI DSS compliance cost effective and effortless. Would like to hear from others what they think are the ways to help organizations achieve compliance without much cost and complexity.

PCI , , , , , ,

PCI Security Council Clarifies Wireless Security Requirements for PCI DSS Compliance

July 23rd, 2009

Any organization handling payment card data should pay immediate attention to the PCI DSS Wireless Guideline published by the PCI Security Standards Council Wireless Special Interest Group last week.

PCI Cardholder Data Environment Wireless Threats

Wireless Threats That Can Compromise PCI DSS Compliance

 The key highlights are:

Read more…

PCI , , , , ,