Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Wi-Fi access for retail: Tips on how to address key challenges

Ajay Kumar Gupta | April 25, 2011
There is no shortage of Wi-Fi access solutions out there, but retail deployments represent unique challenges.

The ranks of Wi-Fi-capable smartphones and tablets grows on a daily basis and users increasingly expect reliable Internet access everywhere they go, including retail operations. For the latter, planning/deploying Wi-Fi access is critical in the following ways:

* Improved customer convenience and interaction. Customers will favor operations that provide Internet access and, when they are connected to in-store Wi-Fi, that represents an opportunity to launch compelling customer interaction services for customer convenience and new sales initiatives.

* Improved operational productivity/efficiency. Inventory management can be made smoother and more efficient with in-store Wi-Fi. Voice mobility, for effective in-store communication, can also be turned on. Mobile, Wi-Fi-enabled POS (point of sale) terminals can be given to sales associates to conduct sales transactions on the sales floor. All such steps contribute to increased productivity and staff efficiently.

There is no shortage of Wi-Fi access solutions out there, but retail deployments represent unique challenges.

A typical retail enterprise, for example, will have several stores across various geographies, so it is preferable to have a centralized management/monitoring tool to control Wi-Fi access at all locations. This facilitates single-point rollout of access policies as well as collective surveillance of the ongoing Wi-Fi activity. A centralized structure also saves investments in full-time or part-time resources that might be required to individually manage the Wi-Fi access at store locations.

Traditional SOHO Wi-Fi solutions lack centralized control, while enterprise-grade solutions are primarily designed for a campus environment with hundreds of access points. Moreover, the centralized control is often provided through a hierarchy of dedicated controllers adding to the overall complexity.

In contrast, retail will usually only require one, two or three APs at each store, but there can be a large number of stores across geographies. So a Wi-Fi access solution with centralized control should:

a) Handle a large number of geographically distributed Wi-Fi networks.

b) Be simple to use and not require dedicated administration or maintenance. An Internet cloud-based central control system with no customer premises equipment would be invaluable.

c) Provide an easy method to configure and push a common set of Wi-Fi access and security policies across any logical segment of the Wi-Fi network.

d) Scale easily to accommodate additional geographies and stores.

Security is obviously another challenge for retail Wi-Fi. A number of retailers have already been exploited, with TJX being the most famous.

SOHO Wi-Fi solutions targeting homes and SMEs lack the provision for Wi-Fi security monitoring. Enterprise Wi-Fi solutions provide some degree of security monitoring, but many are costly and complex. The ideal Wi-Fi access solution for retailers should have the following security measures at a minimum:

a) Centralized control of wireless security monitoring at all store locations.

b) Adequate coverage and monitoring of the store's airspace to detect potential threats and subsequently generate the corresponding alerts and reports.

c) Availability of first line of defense to curb potential damages from a possible intrusion.

d) Low frequency of false positive and negative threats to efficiently utilize the deployed manpower and resources.

In fact, the PCI DSS Wireless guidelines published in July 2009 spell out many wireless security requirements. There are universal PCI wireless requirements and still others when Wi-Fi forms a part of the Cardholder Data Environment.

The path to PCI compliance can be tedious, messy, time consuming and frustrating. Traditional enterprise Wi-Fi solutions do not cater to the specific needs of retail, so retail Wi-Fi access solution should have provisions to continuously and automatically meet the applicable PCI wireless compliance requirements. They should also have the ability to schedule, generate and deliver PCI wireless compliance reports.

SURVEY ON PCI: How it's impacting network security

The final challenge, of course, is cost. Traditional enterprise grade Wi-Fi access solutions typically have a high total cost of ownership because they are complex to configure, deploy, operate and maintain, requiring dedicated equipment, personnel and time.

The alternative solution in SOHO-grade Wi-Fi Access Points, but they completely lack enterprise-grade reliability and robustness and support few or none of the retail specific Wi-Fi needs.

In absolute terms, a retail-specific Wi-Fi access solution should fulfill the following criteria for reliability and low cost of ownership:

a) The solution should be enterprise-grade in terms of reliability and robustness.

b) Deployment and installation should be simple and eliminate the need for dedicated time of highly skilled personnel.

c) Operate with a minimum of hardware accessories such as network ports, power points, etc. Functions such as security scanning and compliance reporting should be built into the Access Points, saving the cost of additional accessories/devices. Also, no in-house equipment should be required to aid in functions such as remote centralized management.

d) The procurement and operational costs should be low. For example, the solution could be based on a pay-as-you-go subscription model to enable retailers to start in-house Wi-Fi access quickly, without planning and arranging for significant capital expenditure.

In summary, retail Wi-Fi access has peculiar needs, which traditional Wi-Fi solutions can only partially fulfill. Deploying traditional Wi-Fi access tools can turn out to be complex, messy, inefficient and expensive. Hopefully these tips will help you zoom in on a Wi-Fi retail solution that will work best for you.

Gupta is team lead for product development at AirTight Networks. He has been in the field of wireless security for more than five years and is a frequent contributor to leading security magazines and blogs. AirTight's pioneering Cloud Services family of cloud-hosted subscription services delivers the world's first and only "No Capex" multitenant WIPS, PCI wireless compliance and controller-less WLAN access solutions all in a single device.


Sign up for MIS Asia eNewsletters.