The decision to implement a converged technology within an organisation should be a conscious decision, however, with wireless there exists a very real threat of unauthorised implementations. This ultimately creates a risk to the information assets within an organisation, even when there is no perceived threat. So in the security policy the organisation can state its stance upon the installation of wireless access points, in that at the very least they must have prior authorisation and adhere to specific configurations. This policy is mandated as part of the PCI Standard Of course, one of the biggest challenges in protecting an organisation is that malicious outsiders (and possibly insiders) may disregard the policy. Therefore in addition to
