Secure Networking Solutions for the Retail Industry

Have you considered the cost to your business from a network security breach?A security breach in retail is the one mistake you cannot afford! ADTRAN® can help you avoid the pitfalls of security breaches by providing you with an understanding of Payment Card Industry (PCI) compliance, how it applies to your business network, and by offering you a suite of robust networking appliances that adhere to PCI secu-rity standards.

Security breaches are real—with recovery costs exceeding $200 million dollars in many recorded cases. Small to mid-size merchants are the most vulnerable sector with more than 80 percent of attacks on payment card systems targeting Level 4 merchants—those who process less than one million payment card transactions a year. PCI compliance is a small price to pay to ensure security of your customer’s confidential credit card information.

Prevention: The Key to SuccessToday, it is critical to business success that your communications network provides the security required for protecting your customer’s data and your business reputation. Whether you process only a few credit card transactions each month or many thousands, without the correct secu-rity mechanisms in place all businesses are at risk of becoming a target for a security breach. Among the largest breaches recently recorded, all were preventable had the merchants been PCI compliant, according to the PCI Standards Security Council.

Featuring ADTRAN NetVanta Networking Solutions: n Secure cardholder data by

adhering to PCI standards for network equipment

n Provide carrier-class function-ality for business networking

n Provide performance-enhanced wire-speed through-put capabilities for secure, faster processing of credit card transactions

n Support network services ranging from Carrier Ethernet, T3, T1, DSL, and 3G wireless

n Offer a variety of modular platforms so there is no need to overhaul the networking equipment when upgrading carrier services

n Alleviate network downtime with disaster recovery solutions

n Provide mobility for employees and customers with integrated Wi-Fi® functionality

n Increase the overall customer experience in retail networks with unique capability like 3G wireless access for wireless checkout or cell phone functionality

n Offer affordability and reduced total cost of ownership

n Provide value with best- in-class solutions, industry- leading warranties (min. 5 years) and free firmware updates and access to pre- and post-sales design and installation support

n Maintain a secure PCI- compliant network by consistently verifying network settings with built-in diagnostic tools such as the Security Audit Tool

What You Need to Know About PCI and How ADTRAN Can HelpUnderstanding PCI Data Security Standard (DSS): Are you in compliance? As a retailer, you already know the term “PCI compliance.” This standard, established by the Payment Card Industry, is designed to protect a customer’s credit card data from being compromised as it is processed and stored by a merchant. As part of the PCI

Data Security Standard (PCI DSS), the specific component of the credit card data that must be secured is the Primary Account Number (PAN), along with any sensitive

authentication data printed on or stored in the magnetic stripe on the credit or debit card. This is the information most often targeted and used by a hacker to create duplicate credit cards.

All merchants are required to be in full compliance with the PCI standard—even if you process only a single credit card transaction a year. Assessing, implementing and maintaining PCI security for your business will provide peace of mind while bestowing confidence in your customer that they can return to you again and again. ADTRAN NetVanta® solutions can provide you with the networking foundation for secure PCI compliant business transactions.

Affordability: ADTRAN Lowers TCO for Retail NetworksIn challenging economic times, ADTRAN under-stands that you, as a retailer, have to be strategic in your IT spending decisions. PCI DSS compli-ance is critical and yet it is still only one of many objectives you have when investing in your net-work. Smart investment decisions mean your IT dollars are used to ultimately increase the overall customer experience, prevent loss, and obtain and maintain PCI compliance.

ADTRAN, a value leader, provides quality networking and security appliances that aid you in increasing the overall customer experience and adhering to PCI standards for networking hardware.

ADTRAN offers cost-effective,

performance-enhanced networking

solutions designed to secure the

retailer’s confidential data transmission.

Security breaches can be extremely costly with the price tag and impact to your business including not only recovery expenses but also any or all of the following:

• Loss of customer confidence

• Lost sales and revenue

• Drop in volume of eCommerce transactions

• Lower stock price

• Expensive legal settlements

• Fines and penalties for non-compliance

ADTRAN is an ISO 9001, ISO 14001, and a TL 9000 certified

supplier.

EN1348A October 2009Copyright © 2009 ADTRAN, Inc.

All rights reserved.

n Broad product lines satisfy diverse networking requirements

n Carrier-class equipment deployed in major U.S. and International carrier networks

n Innovative switch-router product line

n Standards-based, full-featured, high- performance routers

n Comprehensive installation and maintenance programs

n World-class pre- and post- sales technical support

n One of BusinessWeek’s Top 100 Growth Companies

n Over 20 years experience and long-term profitability in the telecommunications industry

ADTRAN At-A-Glance

TL19.1270

Secure Networking Solutions for the Retail IndustryFeaturing ADTRAN NetVanta Communications Products

Gaining PCI Compliance: The ADTRAN Solutions AdvantagePCI standards and adherence are not limited to simply the Point-of-Sale (POS) Terminals and e-Commerce sites of retailers. This compliance, mandated by acquiring banks processing credit card transactions considers the overall scope of the credit card transaction network including storage devices, security cameras, and networking hardware and software solutions. ADTRAN’s internetworking, routing, switching, and security solutions adhere to the PCI requirements for networking equipment.

ADTRAN NetVanta products provide integrated fire-wall, VPN, and authentication capabilities necessary to protect cardholder information as it transverses the scope of the network from the POS Terminal to the Service Provider’s access point. Providing robust firewall and secure encryption parameters, ADTRAN solutions enable the segmentation, authentication and encryption of credit card data from the rest of the network, thus limiting the overall PCI scope. Customers can have confidence that their cardhold-er data is isolated and hidden from public access with the ADTRAN solutions in a PCI compliant net-work without compromising network performance.

Our NetVanta line of business-class IP-based net-working solutions includes performance–enhanced

routers featuring ADTRAN’s innovative RapidRoute™ technology for faster business processing over secure encrypted network access; managed Gigabit, Power over Ethernet (PoE), and Fast Ethernet switch-es with integral Quality of Service (QoS) and network access control parameters for superior data security; IP telephony platforms including unified communi-cations systems; and a complete line of wireless access solutions. All of these platforms provide versatility to address a wide array of applications and customer demands with integral ease-of-use features like web-based configuration wizards; inno-vations such as power conservation; remote moni-toring, configuration, and maintenance capabilities; and market-proven reliability. The NetVanta line also includes a variety of disaster recovery options to alle-viate network delays or downtime during customer checkout in the event of a network outage.

Your retail establishments may also benefit from 3G or Wi-Fi access for mobility with the optional NetVanta wireless capabilities. In addition, the new Security Audit Tool built into the ADTRAN Operating System allows network administrators to regularly verify key network security parameters in an ongoing effort to maintain PCI compliance and protect data transmission.

PCI Compliance At-A-GlancePCI Compliance includes ensuring the following are incorporated into your network— Data Network and Security Controls:

• Implement a stateful inspection firewall on each public network connection

• Password implementation and restrictive network access

• Encrypting, truncating, masking and hashing cardholder data (PAN)

• Encrypting cardholder data across a public network (including Wi-Fi, broadband, TDM, or wireless broadband access)

• Implementing the latest security patches and firmware updates to cardholder data equipment

• Protecting devices used for point-of-sale

• Developing and maintaining secure systems and applications

• Monitoring physical access to data network

• Regularly assessing and auditing the PCI network

NetVanta Ethernet Switches NetVanta Routers NetVanta IP Telephony