Retail wireless security: a few considerations

Wireless computing can make your retail operation run more smoothly and quickly.

Retailers worldwide are making the move to wireless computing, both for the flexibility it brings to in-store operations and the speed it adds to business processes. Mobile platforms and wireless networks allow retailers to complete transactions and authorizations while collecting data from any location, at any time, with a variety of devices. The information gathered from these wireless devices allows retail managers at all levels to know sooner, decide smarter, and respond faster when it comes to market opportunities and changing customer preference. Today’s independent retailers are facing increased competition from not only from their brick-and-mortar competitors, but also from online services.

That’s why many retailers are now looking at new mobile solutions such as wireless sale (POS) terminals, wireless handheld checkout "line-busters," personal shopping assistants and self-service kiosks in addition to the traditional wireless hand-held devices used to receive & inventory merchandise in today’s retail stores. These new platforms offer retailers a flexible technology that adapts quickly and affordable to changing business needs but also puts sensitive data at serious risks unless measures are taken to restrict user access and protect wireless transmissions from eavesdropping and other methods of intrusion.

The protection of sensitive data is sometimes overlooked. To ensure that new vulnerabilities are not introduced into the corporate network, Kent Brost, VP of Security for WAV, Inc. >www.wavonline.com< offers the following tips and advice:

1. Do not use WEP (wired equivalent privacy) if at all possible. WEP’s security has been questioned, and is not recommended when transmitting financial or credit card transactions.

2. If using WEP, always change keys on a regular basis; do not use the default broadcast settings and turn off Broadcast SSID.

3. Implement a WLAN security solution that uses WPA (WI-FI protected access) rather than WEP. WPA addresses WEPs easily compromised solution by using improved data encryption through the temporal key integrity protocol (TKIP) which scrambles the keys using a hashing algorithm and adds an integrity-checking feature than ensures the keys have not been tampered with.

4. Implement a radius serverñbased user authentication solution like EAP (extensible authentication protocol). EAP-TTLSñbased solutions (such as the one from Funk Software >www.funk.com<) or Cisco’s LEAP (lightweight extensible authentication protocol) both authenticate and authorize the user via user IDs and passwords.

5. VPNs provide for the most secure solution. They’re widely supported by most operating systems, but not always supported by handheld devices

Your data is your lifeblood. Your customers depend on you to anticipate problems and to maintain sufficient security. Take the time to properly investigate your options for securing your wireless data.

Ben Bradley is president of BenBradley.net, a marketing and sales consultancy. Bradley can be reached at [email protected]

Related posts

Leave a Comment