Information Security Leader, Author, Instructor and Speaker

How to change from WEP to WPA for PCI DSS compliance

Posted on April 16, 2010 in Articles | by

The clock is ticking! June 30, 2010 is the deadline for companies required to comply with the Payment Card Industry Data Security Standard (PCI DSS) to eliminate any use of Wired Equivalent Privacy (WEP) on their networks. This outdated standard uses insecure cryptography and hackers have clearly demonstrated the ability to penetrate WEP networks in a matter of seconds. With the release of PCI DSS 1.2 in late 2008, the PCI Security Standards Council set forth three new requirements for organizations using wireless networks:
Use strong encryption and authentication for all wireless networks. Do not deploy any new WEP networks.
Decommission any existing WEP networks by June 30, 2010.

Read the full article: How to change from WEP to WPA for PCI DSS compliance

Published in SearchSecurity on 04/16/10


Leave a Reply

Your email address will not be published. Required fields are marked *

Mike Chapple, CISSP, Ph.D.

Mike is an IT leader, information security professional, author, speaker and trainer with over fifteen years of experience in the field.

Full Biography