N.Y. county throws cold water on hot spots


Westchester County, N.Y., has enacted what may be the first law in the nation requiring Internet cafes and other similar commercial entities to secure their wireless networks to prevent identity theft and other computer fraud.

The law, which goes into effect 180 days from today, requires commercial businesses that store, use or maintain personal information electronically ' such as a retail store that uses a wireless network to process credit card transactions ' to take minimum security measures. County officials said the measures could be as simple as installing a network firewall, changing the system's default service set identifier (SSID), or disabling SSID broadcasting with minimal effort and little to no additional cost.

'We know there are many unsecured wireless networks out there, and any malicious individual with even minimal technical competence would have no trouble accessing information that should be kept confidential,' Westchester County Executive Andy Spano, who signed the bill into law today, said in a prepared statement. The county Board of Legislators approved the bill April 10.

'It would be nice if these businesses took the necessary steps on their own to ensure their networks were kept secure, but the sad fact is that many don't,' he added. 'That's why we're taking it one step further and making it a law.'

The law does not apply to residents who use wireless networks in their homes.

The county Department of Consumer Protection's Division of Weights and Measures will enforce the law. A first-time violator will receive a warning and 30 days to correct the situation. For a second violation, the business will receive a $250 fine. Further violations will result in $500 fines. The county also produced a brochure and

In a related move, the county Department of Public Safety established the state's first Digital Crime and Investigation Unit, a two-man team dedicated to searching the Internet for criminals involved in identity theft, fraud, pedophilia and cyber bullying.

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group