Security Blog

Wireless Hotspots – The simple facts

May 26, 2011 — Brad Cyprus

We are in a digital age. Smart phones, tablets, computers, and game consoles all have wi-fi capability. If you run a business where your customers stick around for any length of time, they will look for a wireless network that allows them to keep connected. On the other hand, hackers search for these same wireless networks to see if they can penetrate the network and steal credit card data.  Many restaurants have learned the hard way that if they are not providing wi-fi, some of their customers wills seek out their competitors who offer it in their restaurants. Merchants have been terrified of providing wireless services because they do not want to suffer a breach like TJX who lost credit cards partly due to their wireless network.

The good news is that there are ways to minimize the risks of wireless while still providing the service customers are demanding. The key is to segregate the wireless traffic from the sensitive credit card traffic. This means that a firewall (at a minimum) must be in place to keep the wireless traffic away from sensitive data. The firewall must also be configured so that the sensitive network is unable to communicate to the wireless network. To describe this any further would be more technical than this blog was intended, so it is sufficient to say that any merchant who wants to incorporate wireless into their network should consult a security expert such as VendorSafe who understand the dangers and the requirements under PCI (Payment Card Industry Data Security Standard).

If you are going to tackle wireless on your own, and you are not a security expert, you can still offer the service if your segmentation is completely physical. This means that the wireless network is using its own Internet line, and the wireless access point has no connection to any equipment in the point of sale environment. In essence, you are creating a completely separate network for the wireless communication. This can be done safely without understanding much about networks. However, if you go down this path, you must make sure that the separation is not violated (someone comes in and connects both networks together), and you will be paying for an additional Internet connection.

There is no doubt that wireless is becoming a requirment for several businesses, but before implementing something, work out the security plan for the system first.

Take a minute to share this article

1 Trackback

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>