With more enterprises deploying wireless LANs and employee-owned WiFi devices flooding enterprises, wireless LAN forensics is becoming a key component of any network forensic audit — whether to prove compliance with a regulation such as PCI DSS or in response to a security incidence. But wireless presents unique challenges to forensic audits.

Last month, at RSA 2010 conference in San Francisco, I had the oppourtunity to discuss this issue with experienced auditor and certified PCI QSA Jim Cowing. Here you can view the video recording of an abridged version of our RSA 2010 talk “Anatomy of a Forensic Audit: How Wireless Changes the Game.”

Let me summarize the highlights from the talk: Read more…

Kaustubh Phanse Best practices, Compliance, PCI, Wireless scanning, Wireless security Forensic audit, PCI DSS, WIPS, Wireless forensics, Wireless Intrusion Prevention

Any organization handling payment card data should pay immediate attention to the PCI DSS Wireless Guideline published by the PCI Security Standards Council Wireless Special Interest Group last week.

Wireless Threats That Can Compromise PCI DSS Compliance

 The key highlights are:

Read more…

Kaustubh Phanse Compliance, PCI, Wireless security PCI, PCI DSS, PCI SSC, Rogue AP, WIPS, Wireless security

AirTight is presenting a weekly series of Webinars, entitled, “How the PCI Wireless Guidelines Apply to You,” which are aimed at helping organizations understand the wireless scanning requirements of the PCI DSS release this month by the PCI SSC and provide practical information on how to address those requirements to prove compliance. The Webinars will be held each Thursday at 11 A.M. U.S. California time beginiing on July 23, 2009. Those wishing to register for the first of the series may do so by following the link above. After that there will be a document on AirTight’s website which will allow you to choose a convenient date for yourself.

Della Lowe Compliance, PCI, Wireless scanning, Wireless security PCI DSS, PCI SSC, wireless guideline