Cisco: Wireless AP Upgrade Goes Beyond PCI
"Wireless payments are becoming the norm in stores, and even PCI 2.0 doesn't quite fit the bill of what retailers fully need in terms of securing wireless transactions," said Chris Kozup, senior manager of mobility solutions at Cisco. "Cisco believes that investing in a wireless intrusion prevention system is the most holistic approach."
The software update, which is a free download for customers of Cisco 802.11n-grade APs, includes Cisco Adaptive Wireless Intrusion Prevention System (wIPS) Enhanced Local Mode (ELM).
Among the highlights are that Cisco's Adaptive wIPS can now run on the same APs as the customer's wireless data network, where before separate APs were required for scanning and data access. The update also eliminates the need for overlay, third party wireless IPS solutions, according to Cisco -- everything the customer needs is better contained, and the customer doesn't have to buy more third party products.
Also new is a PCI compliance-specific reporting function for Cisco's Wireless Control System. The System had a PCI compliance report capability previously, but the updated function can offer a PCI summary report, and filter out and report on individual locations or devices in the wireless network. The ELM update also goes hand in hand with CleanAir, Cisco's wireless monitoring offering, to maximize what and how an organization monitors its wireless infrastructure.
PCI DSS is a standard for security used by the major credit card organizations on the PCI Security Standards Council, and the standard is re-evaluated every three years. The most recent update, 2.0, was ratified this month.
Thanks to the prevalence of wireless transactions, especially in retail environments, basic PCI compliance shouldn't be businesses' only focus, Kozup emphasized.
According to Cisco, 29 percent of companies use wireless networking to transmit cardholder data. The numbers are higher in retail, at 33 percent, and in financial services, at 35 percent. But about half of all companies use quarterly scanning, physical inspection and other less-than-preferred security methods, Kozup said, because they're perceived as less expensive.
The savvier companies, he said, know that a data breach can be catastrophically expensive -- they're not coming up to PCI standards or investing in wireless security just to do it.
"They're not just looking at PCi as a checkbox item, but looking at comprehensive security," Kozup said. "I could be PCI compliant and do enough to avoid the noncompliance fees, but still suffer a data breach, and that's a much higher cost to me and much higher losses."