PCI Compliant WiFi is a must for all businesses. Nowadays, guest WiFi is no longer considered a luxury; it is something that most customers demand. When you consider the fact that most people would rather leave home without their wallet than their phone, you can see the need to be connected in the digital age. Not only will you be catering to customer demand, but you can maximise profits, as customer WiFi offers huge marketing potential. The only issue is compliance, which is why it is imperative to select a WiFi provider with a considerable amount of care. Read on to discover more.
When choosing a guest WiFi provider, the first thing you should look for is compliance. Not only do you need to comply with PCI DSS, which is something we will go into in further depth in the upcoming paragraphs, but there are several UK laws that apply. This includes the Data Protection Acts, the Digital Economy Act, and the Data Retention Act. The latter requires business owners to retain data for a minimum of 12 months, and it details the way data must be stored. The Digital Economy Act relates to copyright infringement, and the role you play in preventing this from occurring on your network. Finally, the Data Protection Acts detail how you should make an effort to secure data, and they require you to provide individuals with the data you have about them if they request it. This can be a lot to get your head around. The best thing to do is choose a 100 per cent legally compliant WiFi solution. This will give you full peace of mind. You should never simply assume that all customer WiFi solutions are compliant.
PCI DSS stands for Payment Card Industry Data Security Standard. They have put 12 requirements in place that all businesses need to follow if they store, process, or transmit cardholder data. So, how does this apply to guest WiFi? Well, there are wireless security standards that are covered within the 12 requirements, which is why it is always important to look for PCI compliant WiFi. Unfortunately, this is something that a lot of people overlook. One thing that you need to do on a quarterly basis is test the Cardholder Data Environment (CDE) for the presence of rogue wireless devices. What does this mean? Under PCI DSS, all businesses are required to create a CDE. Basically, this involves LAN segregation, which means everything on the network will be divided. All cardholder information and other confidential data will be held in the CDE, with access restricted so that the chance of a data breach occurring is reduced considerably. Therefore, you need to test the CDE for rogue wireless devices, which means any wireless PC that is attached to your network but is unknown, unauthorised, and unmanaged.
Another thing you need to be concerned with is data retention. In every PCI DSS requirement, the importance to track everything on your network and keep records is reiterated. Not only this, but the Data Retention Act highlights the importance of keeping a hold of all data from your customer WiFi network for a minimum of 12 months. This is because you need to have the ability to identify those who have been on your network. This involves tracking traffic data and location data, which you can then use to trace the source of communication. This is vital because if anyone does anything illegal on your network, for example, downloads an illegal film, or accesses content relating to terrorism or child pornography, you will be able to identify the guilty party. If you do not adhere to these regulations, you could be viewed as an accomplice to the crime, which could lead to huge fines and even imprisonment. Thus, the type of data you need to retain includes the likes of date and time of log in, user ID, name, address, IP Address, date of log in, time of log in, and service used, such as HTTP, IMAP, and SKYPE.
Of course, when choosing a guest WiFi solution, you need to make sure it is going to be profitable for your business and provide your customers with the level of service they want. There are many public WiFi providers to choose from, and you need one that is going to give your business great marketing potential. You should receive real-time data about all of your connected customers, which you can use to target your marketing messages more effectively, and other features, such as customised landing pages. Nevertheless, the backbone of compliance is a must. It doesn’t matter how good a solution seems, if it is not compliant it is going to end up costing you a lot more money in the long run. This is why it is advisable to look for a company that has a huge stance on security and can promise compliance with PCI DSS, the Data Protection Acts, the Data Retention Acts, and all other applicable legislation. You can be sure this is the case with the legally compliant WiFi solution from Retail Secure.
If you are interested in PCI compliant WiFi for your business, Retail Secure has exactly what you need. As security experts, you can rest assured that this is an area of our business we take very seriously. Security is at the forefront of all of our products. Not only is our guest WiFi compliant with PCI DSS, but it complies with all applicable legislation, including the Digital Economy Act and the Data Protection Acts. Despite this, it offers huge marketing potential in the form of customised landing pages and real-time customer analytics. To discover more, head to www.retailsecure.co.uk.