Solved

Wireless networks & PCI

Posted on 2014-07-29
1
182 Views
Last Modified: 2014-11-26
We are currently going through a PCI compliance project and I wanted to know IF our wireless network was IN-SCOPE. The PCI standard says that wireless systems connected to the CDE environment are in-scope; however, the wireless network in our environment would only have HTTPS access to the web server in the CDE -- the same access as someone from the Internet. Having said that, is our wireless network IN-SCOPE? Why or why not? Thanks in advance!
0
Comment
Question by:nsgguy245
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 2

Accepted Solution

by:
dshin10 earned 500 total points
ID: 40227000
Take a look at this:

https://www.pcisecuritystandards.org/pdfs/PCI_DSS_Wireless_Guidelines.pdf

Page 5,6,7

If the wireless access point is wired to the inscope CDE environment, then those wireless clients are inscope, if the wireless access point is not wired to the inscope CDE environment but has logical access through TCP/IP to the inscope CDE environment, then it is not PCI compliant.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

761 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question