<p>As a high-level question, and posed as a Commotion 'outsider', I am curious what regulations actually stipulate PCI and HIPAA-level security considerations on what are still just wireless access points (WAPs).  Usually, these requirements focus on datacenters.  I am unaware of even commercial/enterprise WAP products that are capable of fully satisfying such requirements (since they're not really designed to).  Besides just being diligent about employing VPN-style isolation (e.g. tor, tinc, iptables rules) where is it possible.</p>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br>Reply to this email directly or <a href="https://github.com/opentechinstitute/commotion-router/issues/150#issuecomment-59836457">view it on GitHub</a>.<img alt="" height="1" src="https://github.com/notifications/beacon/3074564__eyJzY29wZSI6Ik5ld3NpZXM6QmVhY29uIiwiZXhwaXJlcyI6MTcyOTQ1NzAyMiwiZGF0YSI6eyJpZCI6NDYzNjc4NDR9fQ==--f4f3eda200d4b536709f6f5a479a13245c389541.gif" width="1" /></p>
<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"View this Issue on GitHub","action":{"@type":"ViewAction","url":"https://github.com/opentechinstitute/commotion-router/issues/150#issuecomment-59836457","name":"View Issue"}}</script>