[Figure: layered approach to ATM software security. Layers shown: Technology; PIN security; Data security (data at rest and in transit, transactional data, management data); Software patch updates; Intrusion prevention.]
In particular, please check the following areas of your software operating environment and associated systems.

The operating system
o Remove all unnecessary components (preferably have the supplier do this before delivering the device).
o Keep up to date with patches (ensuring, of course, that OS customizations are not overwritten as part of the process).
o Minimize the number of services that start automatically when the device boots (most standard services are not required for ATM operation).
o For Windows XP, apply the appropriate security settings for user rights and review all default policy settings for relevance to the ATM environment.
o Ensure event logs are monitored and stored in a tamper-proof manner.
Account security
o Enable only the number of accounts required for device operation, and control access to those accounts with strong passwords, with a lockout kicking in after three unsuccessful attempts. Command-line access should not be permitted for day-to-day operations.
o Ensure that passwords for both user accounts and application access incorporate letters, numbers, mixed case, and non-alphanumeric characters. These passwords should be changed periodically, with repeat usage prevented for as long as is practicable.
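As an added example (not part of the ATMIA alert or the Best Practices Guide), the following Python script audits a Windows local security policy export against the account-security items above. The policy text is constructed to mimic the [System Access] section written by `secedit /export`, and the minimum password length used by the complexity check is an assumption.

```python
# Added example: audit a secedit-style policy export against the account-security checklist.
import re
from typing import Dict, List

# Constructed sample resembling an out-of-the-box export: lockout disabled
# (LockoutBadCount = 0), complexity off, no password history.
WEAK_POLICY = """[System Access]
MinimumPasswordLength = 0
PasswordComplexity = 0
PasswordHistorySize = 0
MaximumPasswordAge = 42
LockoutBadCount = 0
[Version]
signature="$CHICAGO$"
Revision=1
"""


def parse_system_access(export_text: str) -> Dict[str, int]:
    """Return the integer-valued keys of the [System Access] section."""
    section, values = None, {}
    for raw in export_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "System Access" and "=" in line:
            key, _, val = line.partition("=")
            if val.strip().lstrip("-").isdigit():
                values[key.strip()] = int(val.strip())
    return values


def audit_account_policy(export_text: str) -> List[str]:
    """Flag deviations: lockout after three failures, enforced complexity, expiry, history."""
    p = parse_system_access(export_text)
    findings = []
    if not 1 <= p.get("LockoutBadCount", 0) <= 3:
        findings.append("LockoutBadCount must be 1-3 (0 disables lockout)")
    if p.get("PasswordComplexity", 0) != 1:
        findings.append("PasswordComplexity must be 1 (enforce character classes)")
    if p.get("MaximumPasswordAge", -1) <= 0:
        findings.append("MaximumPasswordAge must be positive (-1 = never expires)")
    if p.get("PasswordHistorySize", 0) < 1:
        findings.append("PasswordHistorySize 0 allows immediate password reuse")
    return findings


# Letters in both cases, digits and non-alphanumerics, as the alert requires.
CHAR_CLASSES = [re.compile(p) for p in (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")]


def meets_complexity(password: str, min_length: int = 8) -> bool:
    """True if all four classes are present; min_length is an assumption, not from the alert."""
    return len(password) >= min_length and all(c.search(password) for c in CHAR_CLASSES)
```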
Access control
o ATMs should only connect to host systems via dedicated network segments, not those shared with general-usage workstations and servers.
o Introduce firewall enforcement points along the communication path between ATM and host systems if possible; if the network topology does not permit this, packet filters should be configured at each perimeter router that provides TCP/IP connectivity.
o Disable unused switch ports and do not use network hubs.
o In general, apply the principle that what is not specifically permitted should be denied.
Detection and prevention
o Apply network intrusion prevention, supported by appropriate monitoring and incident response policies and procedures.
o Install, use, and keep updated good-quality anti-malware software, and ensure any alert messages are sent to the appropriate internal personnel, not displayed on the device screen.
We urge all our members to acquire the ATM Software Security Best Practices Guide and implement its best practices, as cyber space is a critical new security frontier.
Acknowledgment
ATMIA would like to thank SafenSoft Inc and the ATM Software Security Committee for their inputs, which have made this industry fraud alert possible.
About ATMIA (www.atmia.com)
The ATM Industry Association is a global non-profit trade association with over 1,750 members in about 50 countries. Its mission is to promote ATM convenience, growth and usage worldwide; protect the ATM industry's assets, interests, good name and public trust; and provide education, best practices, political voice and networking opportunities for member organizations. In June 2003, ATMIA established the Global ATM Security Alliance (GASA) with the mission to employ global security resources in a united alliance in order to protect the ATM industry from criminal activity. For more information, contact Mike Lee at mike@atmia.com or Sharon Lane at sharon@atmia.com.