[Commotion-admin] [commotion-router] Commotion router should be able to block all traffic to host's LAN from Mesh (#150)
Ben West
notifications at github.com
Mon Oct 20 16:59:51 EDT 2014
POS systems would indeed see some level of PCI requirements (since they receive credit card #'s), but I think the conventional approach is to use SSL for transport and, and for the POS to otherwise assume its connection back to merchant services to be unfriendly. Compare Square's credit processing, which uses SSL over whatever connection is available, and where locally collected personal info (card swipe data) is not stored locally in some fashion that could be compromised. Meraki, a commercial mesh wifi vendor, has whitepapers on their PCI and HIPAA compliance status, which are likely good points of reference:
https://meraki.cisco.com/lib/pdf/meraki_whitepaper_HIPAA.pdf
https://meraki.cisco.com/lib/pdf/meraki_whitepaper_PCI.pdf
HIPAA and PCI would be terrifying cans of worms to open. I think the usual approach is to not open them unless your legal council says you have to, and/or explain in thorough detail (cf. Meraki's white papers) your best efforts in performing the due dilligence that is possible. ;)
---
Reply to this email directly or view it on GitHub:
https://github.com/opentechinstitute/commotion-router/issues/150#issuecomment-59838814
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.chambana.net/pipermail/commotion-admin/attachments/20141020/9dd13c44/attachment-0001.html>
More information about the Commotion-admin
mailing list