Meeting Challenging Wireless Security and PCI Compliance Demands with Pulse
Helping O.N.E. Hospitality Group meet and exceed PCI compliance standards with wireless and Bluetooth device threat detection
Industry: Restaurants & Food Services Products: Wireless Security
When One Hospitality Group implemented a state of the art point-of-sale (POS) system at 28 restaurant locations across the U.S., Director of Information Technology Mark Abbott wanted to ensure security was a priority. To expand the Vancouver-based company’s security strategy and infrastructure to meet this difficult challenge Abbott searched for a security solution that:
- Enables One Hospitality to exceed Payment Card Industry (PCI) compliance standards by continuously monitoring the Wi-Fi network and associated devices, and detecting device based threats
- Monitors and protects the PCI Wi-Fi network and Wi-Fi devices across all 28 restaurants in a single management platform
- Provides integrated vulnerability and pen testing across the dispersed network of restaurants
- Provides visibility and monitoring of the Bluetooth devices to protect against key sniffers and other rogue devices
Abbott found that Pwn Pulse was the solution for One Hospitality Group’s needs. Pulse provides an integrated, easy to deploy SaaS solution that addressed his wireless compliance concerns, and provides continuous security and risk management for the Wi-Fi network providing access to their new POS system.
Maximize Compliance, Minimize the Headache with Pulse
For One Hospitality, securing the new POS environment was priority number 1 and PCI compliance 1A. Both are difficult tasks given the distributed nature of the POS system. Pulse, however, goes above and beyond according to Abbott:
“Pulse exceeds many of the requirements for PCI compliance since it provides continuous monitoring of wireless devices and networks. So I am exceeding what PCI compliance requires because both the Wi-Fi requirement for PCI and penetration testing requirement for PCI are quarterly.”
Pulse meets the following challenges of complying with PCI security standards in distributed environments:
- Rogue Wireless Detection (PCI-DSS 11.1)- visibility and continuous monitoring to detect rogue devices on or near your network.
- Vulnerability Scanning (PCI-DSS 11.2)- Run distributed and continuous vulnerability scans on demand or trigger based.
- Change Detection (PCS-DSS 11.5)- Detect changes in configuration, connection behavior, etc. to protect your PCI environment. Detect authorized devices connecting to external or unauthorized networks.
- Penetration Testing (PCI-DSS 11.3)- Run distributed penetration tests against distributed sites
Armed with these capabilities, Pulse enhanced security for the new systems, streamlined PCI compliance for One Hospitality, and minimized the headaches during the transition to a 21st century point-of-sale system.
Abbot evaluated a number of alternatives before selecting Pwnie, an Outpost24 company. Network Access Control(NAC) and WIPS/WIDS were two of the solutions he evaluated.
WIPS/WIDS failed to meet three key requirements for One Hospitality: centralized monitoring and management, visibility of Bluetooth devices and the ability to also monitor the wired network from a single solution. “We didn’t want to manage each individual location separately, and WIPS/WIDS would have forced us to. We have a small IT security staff, so centralized visibility and management was a key requirement,” said Abbot.
NAC lacked the ability to track One Hospitality’s wireless infrastructure, detect wireless threats, and monitor Bluetooth and off-network devices. “We are using NAC based restrictions on both the firewall and the access point directly, but I needed to be able to identify when devices would go off and on to the guest network, which NAC doesn’t help with,” said Abbot.
Meeting the full set of PCI compliance regulations and securing a modern, distributed hotel and restaurant business takes a holistic security program. Monitoring and protecting wireless devices and networks is an absolutely critical aspect of such a security program and has historically been one of the most challenging aspects to address. Pulse addresses these needs across the entire organization in an easy-to-use, SaaS solution. With Pwnie Express, an Outpost24 company, One Hospitality is able to comply with all the wireless aspects of PCI-DSS, and help streamline their security operations at the same time.