?
Solved

Wireless networks & PCI

Posted on 2014-07-29
1
Medium Priority
?
186 Views
Last Modified: 2014-11-26
We are currently going through a PCI compliance project and I wanted to know IF our wireless network was IN-SCOPE. The PCI standard says that wireless systems connected to the CDE environment are in-scope; however, the wireless network in our environment would only have HTTPS access to the web server in the CDE -- the same access as someone from the Internet. Having said that, is our wireless network IN-SCOPE? Why or why not? Thanks in advance!
0
Comment
Question by:nsgguy245
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 2

Accepted Solution

by:
dshin10 earned 2000 total points
ID: 40227000
Take a look at this:

https://www.pcisecuritystandards.org/pdfs/PCI_DSS_Wireless_Guidelines.pdf

Page 5,6,7

If the wireless access point is wired to the inscope CDE environment, then those wireless clients are inscope, if the wireless access point is not wired to the inscope CDE environment but has logical access through TCP/IP to the inscope CDE environment, then it is not PCI compliant.
0

Featured Post

Create the perfect environment for any meeting

You might have a modern environment with all sorts of high-tech equipment, but what makes it worthwhile is how you seamlessly bring together the presentation with audio, video and lighting. The ATEN Control System provides integrated control and system automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
A look at what happened in the Verizon cloud breach.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question