NEWS

WIRES

OTHER

AirTight Launches New Low-Cost Wireless PCI Scanning Services; New Offerings Satisfy PCI DSS Requirements

New SpectraGuard Online Services Allow Merchants to Meet Updated PCI DSS Requirements for 60 to 75 Percent Below the Cost of Competitive WIPS Solutions

AirTight Networks, the leading provider of wireless intrusion prevention systems (WIPS) and the first and only company to offer a hosted wireless security and vulnerability management service, today announced the addition of two new entry level PCI compliance scanning services to its SpectraGuard® Online portfolio. The new services provide merchants of all sizes with a simple, cost effective and automated way to meet or exceed the PCI DSS wireless requirement which mandates quarterly scanning of ALL locations for wireless threats with no capital outlay or additional administrative resources.

With the two new offerings, SpectraGuard Online meets not only the needs of Level one merchants who want full WIPS capabilities but prefer to use a SaaS model with no up front capital expense, but also smaller merchants down to level four who must meet the PCI DSS standard for wireless but need a low cost solution with no overhead costs.

The two new levels of service offered by AirTight are:

--  PCI Quarterly Scan Service: PCI report delivered monthly
--  PCI Quarterly Scan + Alerts: PCI report delivered monthly plus real-
    time alerts via email for PCI compliance related wireless threats
    

The new services offer a radically less expensive alternative to any competitive solution available today with pricing as low as $20 per month for a single location.

"Meeting the wireless PCI requirements has traditionally been a confusing, disruptive and tedious effort for many merchants who are scanning multiple locations using manual processes and free tools. The PCI SSC document makes it clear that those businesses must scan all locations every quarter for unauthorized wireless devices to protect that data. SpectraGuard Online simplifies this process at price points that make it easy to justify and relieves merchants of the burden of dedicating part time resources for routine scanning and reporting," said Samir Palnitkar, General Manager of AirTight's Online Solutions.

"As a leading Qualified Security Assessor (QSA), Digital Resources Group (DRG) directs its customers to best of breed security products and services that help them comply with expanding PCI DSS requirements. Through our partnership with AirTight and their SpectraGuard Online WIPS service offering, we see a leading edge wireless security product that fills a much needed gap for our customer base which is seeking easy and cost-effective solutions as they struggle with wireless threats and the evolving PCI DSS requirements," said Jim Cowing, Managing Director and Lead QSA of DRG.

"AirTight's new quarterly PCI scanning and reporting services are especially compelling for large enterprises, which may have hundreds or even thousands of locations around the globe, because they deliver wireless PCI scanning for 60 to 75 percent lower cost than other competitive WIPS solutions. Smaller merchants looking to eliminate the manual scanning and reporting process will garner the benefits of an automated hosted service without having to dedicate additional resource to meet compliance," Palnitkar added.

For merchants with authorized wireless in the cardholder data environment (CDE), the PCI DSS Wireless Guideline recommends a centrally controlled wireless IDS/IPS to monitor for unauthorized access and detect rogues and misconfigured wireless devices, Additionally, the standard recommends enabling wireless IPS features that automatically disable rogue wireless devices connecting to the CDE as well as accidental or malicious associations of wireless clients, historical logging of wireless access that can provide granular wireless device information and store event logs and statistics for at least 90 days and setting and enforcing wireless usage policies.

"The Wireless Guideline is a valuable clarification of what companies need to do to comply with the wireless networking related PCI requirements. Our research at the PCI Knowledge Base indicates that the vast majority of companies do not consistently meet the daily wireless access log reviews which the PCI DSS wireless guidelines recommend. There is, therefore, a need for all companies subject to PCI DSS to study these new guidelines to ensure their deployments meet these criteria in order to pass an audit," said David Taylor, CIISP, Founder, PCI Knowledge Base.

Customers who wish to use SpectraGuard Online can now choose the new options referenced above for quarterly wireless scanning or the monitoring and remediation options previously offered in SpectraGuard Online:

--  24x7 Wireless Monitoring Service: 24x7 monitoring, console access
    (security dashboard & forensics), real-time alerts via email, and unlimited
    reports
--  24x7 Wireless Remediation Service: Monitoring service plus automatic
    or manual prevention, RF heat maps and location tracking
    

How SpectraGuard Online Works

SpectraGuard Online is a true 'hands off' solution. The customer installs pre-configured wireless sensors (plug-and-play), responds to a few wireless setup questions and, within 72 hours, begins to receive wireless vulnerability reports by email. Customer data is hosted in a SAS70 certified co-location facility designed for security and high availability.

Using SpectraGuard Online, customers:

--  Incur no capital expenditures
--  Pay only for the wireless security features needed
--  Have an affordable and predictable total cost of ownership
--  Do not need to be concerned with hardware or software obsolescence
--  The unique AirTight wireless security service allows customers to
    choose what they need and to easily add additional capabilities as their
    needs expand or their business grows
    

You can follow AirTight on Twitter @AirTightWIPS

Read and comment on the AirTight Networks Blog

About AirTight

AirTight Networks is the global leader in wireless security and compliance solutions providing customers best-of-breed technology to automatically detect, classify, locate and block all current and emerging wireless threats. AirTight offers both the industry's leading wireless intrusion prevention system (WIPS) and the world's first wireless vulnerability management (WVM) security-as-a-service (SaaS). AirTight's award-winning solutions are used by customers globally in the financial, government, retail, manufacturing, transportation, education, health care, telecom, and technology industries. AirTight owns the seminal patents for wireless intrusion prevention technology with 11 U.S. patents and two international patents granted (UK and Australia), and more than 20 additional patents pending. AirTight Networks is a privately held company based in Mountain View, CA. For more information please visit www.airtightnetworks.com

AirTight Networks and the AirTight Networks logo are trademarks; AirTight and SpectraGuard are registered trademarks of AirTight Networks, Inc. All other trademarks are the property of their respective owners.