Tablets can be an effective mobile option for accessing your Point-of-Rental software be it from an office room at your store or in a warehouse checking inventory. Security is of utmost importance because your server can have private customer data and cardholder data stored on it. This guide covers the remote connection of a tablet from either the store where the Remote Desktop Server resides or from a remote store connected securely to main store’s network.
Need-to-Know
A secure wireless access point at your store must be installed in order to connect a tablet. If you choose to deploy a wireless network infrastructure to support communications between deployed systems, or you connect a wireless network to the environment supporting the Point-of-Rental Software Enterprise application, you must do so in a manner compliant with the current PCI DSS standards. The secure deployment of a wireless network is solely your responsibility. In order for you to achieve PCI DSS compliance, the following guidelines must be followed for deployment of a wireless network:
• Wireless encryption keys must be changed from default at installation, and must be changed anytime anyone with knowledge of the keys leaves the company or changes positions;
• Default SNMP community strings on wireless devices must be changed;
• Default passwords/passphrases on access points must be changed;
• Firmware on wireless devices must be updated to support strong encryption for authentication and transmission over wireless networks;
• Other security-related wireless vendor defaults must be changed, if applicable; and
• Wireless networks transmitting cardholder data or connected to the cardholder environment must use industry best practices to implement strong encryption for authentication and transmission.
If you have wireless network deployed within your environment and it is not part of your cardholder network, a firewall is required between any wireless networks and the cardholder data environment. The firewall must be configured to deny or control any traffic from the wireless environment into the cardholder data environment.
Procedures
The tablet is to have access to an “App Store” where it can download applications. Find and download a remote desktop connection application. Search for “remote desktop” to get several options to choose from. Download and install one. The remote desktop connection application has three primary fields that must be filled in for you to connect – the server address, username and password. At this point it is no different than connecting a counter PC to the Remote Desktop Server to use the Point-of-Rental software. Use the server’s LAN IP address or hostname to connect to and a valid username and password for the Remote Desktop Server.