Wireless Security Best Practices and PCI Compliance

Wireless data breaches are on the rise, so organizations must take a proactive approach to prevent security vulnerabilities and threats. As I promised in my post yesterday, "Top 4 Mobility Trends," I’m going to take a look at some of the best practices for maintaining your wireless security and meeting PCI compliance.

The six control objectives for PCI DSS (Payment Card Industry Data Security Standard) compliance are:

1. Build and Maintain a Secure Network

2. Protect Cardholder Data

3. Maintain a Vulnerability Management Program

4. Implement Strong Access Control Measures

5. Regularly Monitor and Test Networks

6. Maintain an Information Security Policy

You can read the accompanying requirements for each of these objectives and download the specification from the PCI Security Standards Council.

In addition to PCI requirements, AirDefense recommends these other best practices to keep your data secure:

  • Monitor security 24/7
  • Educate employees about the risk of unauthorized devices
  • Maintain and review audit logs daily
  • Implement wireless scanning of all locations each quarter
  • Implement wireless scanning even if you have no wireless network
  • Maintain day-to-day security, and compliance will follow

AirDefense provides an enterprise solution that simplifies PCI compliance, rogue wireless management and intrusion protection. For more information about the AirDefense solution, you can download the white paper “Preventing Wireless Data Breaches in Retail.”