Really interesting article in Forbes by Verne Kopytoff on the reasons retailers have recognized the value of Wi-Fi for their customers and business processes. He notes that after years of resistance, stores have conceded that the shoppers have won the war. They want Wi-Fi and they will use their smartphones to check out deals.
There is no doubt that Wi-Fi has many positive effects on the shopping experience and, I would suggest, those effects outweigh the negatives of comparison shopping online in a store. There is also the obvious benefit of making sales associates more efficient and able to serve more customers faster. Anyone who has ever gone into an Apple store near Christmas – and really who has not – has experienced just how fast one can get in and out even in a crowd.
However since retail stores have been late to this party, they need to think about the security implications of adding Wi-Fi and continuing to comply with the PCI DSS wireless scanning requirements. Kopytoff points out that several large retailers added Wi-Fi capabilities just before the holiday season, which is unusual in and of itself since retailers rarely want to disrupt their systems too close to the holidays. In haste, they may have overlooked adding true Wi-Fi security processes to protect credit card data. It will be interesting to see if any problems arise during this season of manic shopping.
With the explosive growth of smart devices in the enterprise, Mobile Device Management (MDM) is a hot topic among IT departments these days. In order to secure the network and protect sensitive data on mobile endpoints, many organizations are deploying tools to secure, monitor, and manage smart devices accessing their networks. Installing an MDM agent on mobile assets gives the IT department the ability to enforce VPNs, remotely wipe data off stolen/lost devices, and ensure that devices under management by the IT staff are running the most current and secure applications.
But is this really enough to protect you?
No. In today’s “BYOD” (bring your own device) culture, the reality is that personal smart devices will continue to attach to your network. These devices may not have your favorite MDM agents running on them, thus exposing your network and data to security threats again. Enterprises need a “gatekeeper” control to ensure that only approved devices with an installed MDM agent can attach to the corporate network. By adding a strong WIPS solution to your enterprise security portfolio, you will have the ability to enforce such control and complete your mobile security strategy.
A robust wireless IPS solution (WIPS) will detect, identify and locate unauthorized smart devices connecting to the network, generate a real time alert or even better – block those unmanaged devices from connecting in the first place. Better yet, a good WIPS will allow you to define your security policy by device type, VLAN, and location. For example, iPhones could be allowed to connect to the guest network for Internet access, but could still be blocked from accessing the internal network.
Watch this technical webinar for more information.
The WiFi snooping row Google has gotten itself into seems to be far from over. In April, Google revealed that its Street View cars had been collecting basic data such as the MAC addresses and SSIDs of WiFi networks in the vicinity. But after German authorities asked Google to audit the data, it admitted to have been “mistakenly” snooping payload data from Open WiFi networks. Apparently, a piece of WiFi data analysis code, written by Google engineers back in 2006, was part of the software used by the Street View cars, in turn leading to the WiFi snooping (of about 600 GB of data across 30 countries!). Read more…
The Department of Telecommunications (DoT), Govt. of India, has set a June 2009 deadline for complying with its regulation on WiFi security. Here’s a position paper that evaluates the DoT regulation and suggests best practices for secure use of WiFi.