Customer Service:
Mon - Fri: 8:30 am - 6 pm EST


ANSI X9.112-2009

Wireless Management and Security - Part 1: General Requirements

In today's world, both private and public sectors depend upon information technology systems to perform essential and mission-critical functions. In the current environment of increasingly open and interconnected systems and networks, network and data security are essential for the effective use of information technology. Privacy and regulatory requirements highlight this need. For example, systems that perform electronic commerce must protect against unauthorized access to confidential records and unauthorized modification of data. Wireless technologies are rapidly emerging as significant components of these networks. As such, data classification and risk assessments should be performed to determine the sensitivity of, and risk to, data transmitted over wireless networks. Various methods and controls should be considered for data that is sensitive, has a high value, or represents a high value if it is vulnerable to unauthorized disclosure or undetected modification during transmission over wireless networks. These methods and controls support communications security, for example by encrypting the communication prior to transmission and decrypting it at receipt. Note that data classification and risk assessments, regardless of whether data transmission is over wired or wireless environments, should be part of an organization's general security policy and best practices. Refer to Annex A, Wireless Validation Control Objectives, for further details. Part 1 of this Standard provides an overview of wireless radio frequency (RF) technologies and general requirements applicable to all wireless implementations for the financial services industry. Subsequent parts of this Standard will address specific applications to wireless technology and associated risks, as well as technologies, methods and controls that mitigate those risks. Note that other wireless non-radio frequency technologies, such as infrared and lasers are considered out of scope of this Standard. For the purposes of this Standard the use of the terms "shall" and "must" are requirements and therefore mandatory, whereas "should" is a recommendation. Refer to Annex B Wireless Technology for examples.

Content Provider
Accredited Standards Committee, Inc. - Financial Industry Standards [ASCX9]


As the voice of the U.S. standards and conformity assessment system, the American National Standards Institute (ANSI) empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment.