Don't Let PCI Overshadow Complete Network Security

By Robby Loyed, IT Manager, Carlisle Corporation | December 20, 2010

It seems that over the past year, the topic of PCI has bombarded news outlets to a point of oversaturation. As a result, the influence of network security has fallen considerably, with many organizations seeking to achieve compliance instead of addressing underlying security needs. Wendy’s (www.wendys.com) franchisee Wendelta, a subsidiary of the Carlisle Corporation (www.carlislecorp.com), has significantly benefitted from a proactive, multi-layered network security approach that addresses field support, PCI compliance requirements and the proper integration of wireless Internet.
 
Field support
Often overlooked, field support plays a significant role in successful network maintenance and security. Most restaurant back office scenarios involve a plethora of cables that are routed to the main switch and/or gateway. These cables are the backbone of a business and the technology within it. To control costs, it can be more feasible to rely on field support than to employ an on-site technician. With technology within the company constantly growing and improving, Wendelta needed some type of organization with a labeled structure in place. The addition of safe validators, digital menu boards, security systems, confirmation boards and many other technologies can quickly complicate things.
 
For Carlisle, as the list grew, so did the problems. A store with a register issue would move cables to get the system back online while unknowingly disconnecting another network device. This would go unnoticed until the corporate office attempted to access the now-disconnected device. To address the growing back office confusion, Carlisle decided to implement an enclosed 6U cabinet that contains two switches and a 48-port pass-through patch panel (for growth). With this setup, managers can only access the patch cables that are clearly labeled (safe, security system, register 1, etc.) for easy maintenance. Without proper guidance from field support, an organization’s security can become a concern. Through the implementation of Carlisle’s field support, the organization will address internal security matters such as defective hardware replacement, improper physical security and employee training. With these new measures in place, Carlisle is simplifying technology integration and making network performance and overall organization security a priority.
 
PCI compliance
If you process credit card transactions, then you are well aware of the struggles to maintain a compliant status. However, with the right security measures in place and the right partner to help guide you, achieving and maintaining PCI compliance is feasible.
 
Identifying the cardholder data environment is the first step in this process. It is vital to learn where sensitive data flows throughout an organization’s network and determine a means to keep that information protected. Using a streamlined approach, Carlisle addressed the various layers of PCI including procedural requirements (i.e., unique IDs and passwords), monitoring requirements (i.e., quarterly vulnerability scanning, online SAQ submission), network security requirements (i.e., managed firewall, robust IP addresses) and validation requirements (i.e., remote access, two-factor authentication). As the Carlisle network has constantly grown, it has subsequently exposed more areas of concern. With the addition of each new technology, a network hole must be addressed and segmented to keep data in the right areas with nothing bleeding into another space. Partnering with BHI SecureConnect (www.secureconnect.com) for more than five years, Carlisle has addressed its compliance needs through the foundation of a managed firewall and the various layers of security.
 
Wi-Fi
Implementing public Wi-Fi access is extremely marketable for restaurants. Many tech-savvy customers prefer restaurants with Wi-Fi, and will make loyalty decisions based on an organization’s ability to provide it. Carlisle has benefitted significantly from the added traffic and revenue that free wireless Internet generates.
 
Implementing wireless Internet is more cumbersome and complex than simply plugging in an access point and connecting it to the network. It is vital to rely on an expert who can properly segment the wireless network to address security concerns and PCI requirements. With a managed Wi-Fi solution, such as the one Carlisle uses from BHI SecureConnect, a restaurant’s private network is properly segmented to secure the transaction of cardholder data and protected information. What this means is that public traffic on the network should not be visible to store traffic. An unprotected wireless network puts customer credit card information at risk, opening the door for criminals.
 
Robby Loyed is the IT Manager for Carlisle Corporation, based out of Memphis, Tennessee.
