tekservePOS

tekREVIEW Newsletter

 Updates and Analysis for Retail IT Teams

 #18  Thursday 18 March 2010

printPrint

Can your PC Breath?

Overheating can cause a lot of damage to your PC. To avoid this damage, there are several ways to ensure proper ventilation most of which are free. The easist thing to do is to make sure your PC or POS has a enough breathing room on all sides that have vents. The standard is 3 to 4 inches. This can be challenging in tight cash wraps - so place as much room as you can allow.

 

Secondly, ensure that the vents of the PC or POS is clear of papers, supplies or dust bunnies - all of which can hinder the fans effectiveness.

 

Click here for more tips on how to keep your PC cool.

 

 

Six Tips for PCI Compliance of Wireless Peripherals

March 17, 2010

Provided by Zebra Technologies

The Payment Card Industry Data Security Standard (PCI DSS) is a set of 12 requirements for enhancing payment account data security. Stricter wireless security requirements in new version 1.1 mean many wireless computers, printers and other peripherals retailers use every day do not comply. A single, non-compliant networked device can put the entire network at risk. Below are six tips for complying with the PCI DSS v1.1 requirements relevant to wireless peripherals or click here to download the PDF.

 

PCI DSS v1.1 Requirement Comment
 Solution
2—Do not use vendor-supplied At one defaults for system passwords and other security parameters. At one time it was common to deploy wireless LANs secured with default passwords and security configurations, but this practice has largely been abandoned in favor of more secure methods. Activate security settings during installation (some systems default to security turned off); create original passwords. Older systems should be reviewed to make sure they are compliant.
3—Protect stored cardholder data. This requirement primarily applies to information held in data and devices that encrypts stored data to enterprise applications. Software is available for mobile devices that encrypts stored data to prevent unauthorized access if the device is lost or stolen.
4—Encrypt transmission of cardholder data across open, public networks. PCI considers wireless LANs to be public networks. Internet and cellular transmissions are also covered by this requirement. Merchants who wirelessly process payments for delivery, service, home sales and other remote commerce are also covered by the public network requirement. WPA, WPA2, 802.1x, 802.11i and other
standard wireless LAN security protocols provide data encryption. Wide area networks provide encryption.
4.1—Use strong cryptography and security protocols such as secure 
sockets layer (SSL)/transport layer
security (TLS) and Internet protocol (IPSEC) to safeguard networks.
sensitive cardholder data during transmission over open, public networks.

This requirement applies to wired and wireless, stationary and mobile, and local or Web communications over public networks.

 

 Support for SSL, TLS and IPSEC is available for wireless peripherals. Pay careful attention to specifications because there are different varieties of these protocols, so compatibility with the network infrastructure is not assured.
4.1.1—Never rely exclusively on wired equivalent privacy (WEP) to protect confidentiality and access to a wireless LAN. WEP was the default security for many early 802.11-standard implementations. Most of these systems have probably been upgraded, but again, older systems should be checked. The PCI standard defines WPA, WPA2 9referenced above) and VPNs as the acceptable alternatives to WEP.
4.1.1—If WEP is used, do the following: use with a minimum 104-bit encryption key and 24 bit-initialization value; rotate shared WEP keys quarterly (or automatically if the  technology permits); rotate shared maintenance operations.
WEP keys whenever there are changes in personnel with access to keys; restrict access based on media access code (MAC) address.		 WEP can be used if it is used together with PWPA, WPA2, VPN or SSL/TLS. Most of these requirements can effectively be addressed during system configuration. Mobile management systems can automatically rotate WEP keys and automate maintenance operations.

 

Comments

Post a comment
rss RSS
No comments.
Drive Down Costs and Increase Sales with a Managed Print Solution - Fri, 19 March

Provided by Xerox

 

It’s no secret – the retail industry today is facing severe pressure to reduce costs as consumer confidence remains low and revenues decline. Competition for every dollar is intense, inventory cycles are shorter than ever, and employee turnover remains high. A distributed, in-house printing solution could help drive down costs, increase sales and better serve the next generation of savvy and demanding consumers.

0 Comments
Read more Read more

Key Encryption Tips Worth Sharing

Our PED/ PIN Pad Encryption facility is up and running! Only "street legal" for about 30 days and to date, about 10,000 units in the queue to be encrypted.... We are quickly learning - there is still much to be learned here! As we go through the process, we thought we might be able to provide some additional "value" in this area to our customers by sharing some of what we are learning.

 

Read more >>

tekservePOS & Partner News

HP has introduced a touch-enabled (POS) system for retailers seeking to cost-effectively manage their businesses. The compact system maximizes work space and includes a centralprocessing unit, touch-enabled display, magnetic stripe reader andeither a two-line customer display or a 10.4-inch LCD customer display.

Read more »

Honeywell has announced an expansion to its Dolphin® 6000 product line with the introduction of the Honeywell Dolphin 6500 mobile computer, a lightweight solution fit to meet in-premise needs for retail, supply chain and other light-industrial environments.
 

Read more »