Security service providers and enterprises that deal with sensitive credit card information received valuable wireless security guidance last week with the publication of a new report by the PCI Security Standards Council.
Known as the keeper of the PCI data security standards, PCI SSC released <a href=”https://www.pcisecuritystandards.org/education/info_sup.shtml
“> PCI DSS Wireless Guideline</a> to offer organizations greater clarity on how PCI DSS applies to wireless environments and advice on how to apply best practices in order to deploy wireless technology securely within payment card transaction environments.
The guidelines will likely be seen as a welcome relief to some who have complained that the main body of the PCI security standard is too ambiguous. Wireless breaches have been a well-publicized Achilles heel of retailers and other organizations within the PCI purview. Most notable among organizational wireless failings was the wireless weakness that was responsible, in part, for the TJX breach.
This new publication by the PCI SSC was the brainchild of its Wireless Special Interest Group (SIG), chaired by Doug Manchester, director of product security for VeriFone Holdings, and made up of representatives from other organizations such as Capita, The Information Assurance Consortium, McDonald’s, Motorola and Unified Compliance Framework.
““This first ever guide will help all in the payment chain, but particularly merchants, better understand the methods necessary to secure their wireless networks, or totally remove the networks from the scope of the DSS and the payment process,” Manchester said in a statement.
Bob Russo, PCI SSC general manager, says that organizations mandated to comply with PCI regulations can in the future expect to see more clarifying documents such as the one created by the wireless SIG. He says the council developed the wireless sig and three others—focused on virtualization, pre-authorization and scoping—in order to encourage more participation from member organizations and offer more targeted information to those unclear about the interpretation of the PCI standards.
“With the feedback from these groups, we anticipate a better, more specific understanding of the payment environment and further guidance on how organizations can adopt PCI standards to create a more formidable payment card security environment,” Russo said in a statement.
Stop Searching. Start Finding.
Find the trusted vendors and products that will meet your needs, compare the top solution and connect vendors in one place. Before you order the next, data management, office automation or IT hardware solution visit TechDirect. Click Here
Free 30-Day Endpoint Security Trial: VIPRE Enterprise
Optimize overall performance by melding antivirus, antispyware, client firewall and malicious website filtering together into one powerful engine. This combination of technologies gives you high-performance software that doesn't slow down users' PCs, is low on system resources, and makes it easy for you to protect your network. Click Here!
Using a technique called "flow switching," researchers from MIT are developing a model Internet that is significantly faster and more energy-efficient than today's technologies. Learn More
/ 9 
(Sponsor)
(Sponsor)
(Sponsor)
