Host-based Protection for ATM's

Similar documents
Protecting Point-of-Sale Environments Against Multi-Stage Attacks

SYMANTEC DATA CENTER SECURITY: SERVER ADVANCED 6.5

SYMANTEC DATA CENTER SECURITY: MONITORING EDITION 6.5

Cyber Security Services: Data Loss Prevention Monitoring Overview

SYMANTEC ENDPOINT PROTECTION SMALL BUSINESS EDITION

Symantec Endpoint Protection

Symantec Control Compliance Suite Standards Manager

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

Symantec Messaging Gateway 10.6

Partner Technical Support Benefits Quick Guide

Symantec Enterprise Vault for Microsoft Exchange Server

Securing OS Legacy Systems Alexander Rau

Asset Discovery with Symantec Control Compliance Suite

Protecting PoS Environments Against Multi-Stage Attacks

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Securing Mobile App Data - Comparing Containers and App Wrappers

Confidently Virtualize Business-critical Applications in Microsoft Hyper-V with Symantec ApplicationHA

Microsoft Office 365 Migrations with Symantec Enterprise Vault.cloud

Symantec Cyber Security Services: DeepSight Intelligence

Finding Security in the Cloud

5 Must-Haves for an Enterprise Mobility Management (EMM) Solution

Backup Exec 2014: Protecting Microsoft SQL

Backup Exec 15: Protecting Microsoft SQL

Achieving Business Agility Through An Agile Data Center

Symantec Server Management Suite 7.6 powered by Altiris technology

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

The Symantec Approach to Defeating Advanced Threats

Symantec Mobile Security

Symantec Client Management Suite 8.0

Payment Card Industry Data Security Standard

DATASHEET CONTROL COMPLIANCE SUITE VENDOR RISK MANAGER 11.1

Backup Exec 2014: Protecting Microsoft SharePoint

How to Unlock Agility by Backing up to, from, and in the Cloud

Best Practices for Running Symantec Endpoint Protection 12.1 on Point-of- Sale Devices

Symantec Mobile Management for Configuration Manager 7.2

Delivering a New Level of Data Protection Resiliency with Appliances

Delivering Performance and Value through Multiple Deduplication Pools

Top 5 Reasons to Choose User-Friendly Strong Authentication

Keeping GE Healthcare Universal Viewer Highly Available with Symantec ApplicationHA

Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities

2012 Endpoint Security Best Practices Survey

Symantec Endpoint Protection

Symantec Mobile Management 7.2

Symantec Advanced Threat Protection: Network

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

Best Practices for Running Symantec Endpoint Protection 12.1 on the Microsoft Azure Platform

Symantec Enterprise Vault for Microsoft Exchange

Symantec Enterprise Vault and Symantec Enterprise Vault.cloud

Backup Exec 15: Protecting Microsoft Hyper-V

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

How To Secure Your System From Cyber Attacks

Reducing the Cost and Complexity of Web Vulnerability Management

How To Monitor Your Entire It Environment

Simplify Your Windows Server Migration

Data Sheet: Archiving Symantec Enterprise Vault Store, Manage, and Discover Critical Business Information

How To Buy Nitro Security

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

WildFire. Preparing for Modern Network Attacks

Symantec RuleSpace Data Sheet

ALERT LOGIC FOR HIPAA COMPLIANCE

Capstone Compliance Using Symantec Archiving and ediscovery Solutions

Symantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management

IBM Endpoint Manager for Core Protection

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Closing the Vulnerability Gap of Third- Party Patching

5 Steps to Advanced Threat Protection

Balancing Cloud-Based Benefits With Security. White Paper

How Endpoint Encryption Works

S E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M. Bomgar. Product Penetration Test. September 2010

INFORMATION PROTECTED

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement

PROTECTION FOR SERVERS, WORKSTATIONS AND TERMINALS ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

Athena Mobile Device Management from Symantec

Symantec Enterprise Vault for Microsoft Exchange

Symantec Mobile Management 7.1

Inspection of Encrypted HTTPS Traffic

Leveraging a Maturity Model to Achieve Proactive Compliance

8 Steps to Holistic Database Security

Symantec Messaging Gateway 10.5

Did you know your security solution can help with PCI compliance too?

Endpoint Security More secure. Less complex. Less costs... More control.

Proven LANDesk Solutions

Symantec Endpoint Protection

GFI White Paper PCI-DSS compliance and GFI Software products

Stay ahead of insiderthreats with predictive,intelligent security

Demystifying Virtualization for Small Businesses Executive Brief

North American Electric Reliability Corporation (NERC) Cyber Security Standard

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

FISMA / NIST REVISION 3 COMPLIANCE

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

The Impact of HIPAA and HITECH

End-user Security Analytics Strengthens Protection with ArcSight

SolarWinds Security Information Management in the Payment Card Industry: Using SolarWinds Log & Event Manager (LEM) to Meet PCI Requirements

Guideline on Auditing and Log Management

Endpoint Protection Small Business Edition 2013?

Making the difference between read to output, and read to copy GOING BEYOND BASIC FILE AUDITING FOR DATA PROTECTION

Transcription:

SOLUTION BRIEF:........................................ Host-based Protection for ATM's Who should read this paper ATM manufacturers, system integrators and operators.

Content Introduction........................................................................................................... 1 Symantec Embedded Security: Critical System Protection................................................................. 1 System Hardening and Application Control................................................................................ 2..................................................................................................... 2 Deployment........................................................................................................... 2 Beyond Host-based Protection........................................................................................... 2

Introduction Automated Teller Machines (ATM's) are one of the most highest value customer touch points in in the banking industry. Customers are demanding extra services and more user-friendly interfaces. Banks are demanding more cost effective solutions for interfacing with their customers. ATM s now need increased flexibility to meet customer expectations and so are becoming more capable and connected than ever before. Providing a direct interface to cash inevitably makes ATM s a target in a numerous and sophisticated ways with new methods being regularly exposed. Attack methods extend from physical (such as skimming and pin cameras) to virtual through malware. Above all, the customer must trust the ATM. Assuring integrity from the very start of the supply chain through to the installers and operators are essential. Banks and ATM operators must protect their ATM's and meet their compliance obligations for operating in a heavily regulated industry sector. But doing so can be challenge. ATM's can be considered a single use device, they have a dedicated function, run a specific application with predictable input and output. Yet ATM's are frequently built using common operating systems such as Microsoft Windows, capable of so much more than required. They are subject to vulnerabilities and often exploited in similar fashion to a laptop or workstation. Symantec Embedded Security: Critical System Protection Symantec Embedded Security: Critical System Protection can help. It provides a policy-driven host based, least privilege approach to endpoint security and compliance. Symantec Embedded Security: Critical System Protection has two enforcement components that can be independently activated on ATM systems, prevention and detection. The prevention component has proactive enforcement rules that can stop malicious activity before it occurs, the detection component monitors for system activity as it occurs and can trigger event based actions. Both components provide granular control over logging using policy settings to give visibility into actionable events as well as the efficient management of high volume events necessary for regulatory or forensic purposes. Thus, in combination, the two components provide unique capabilities to both secure a system and to address regulatory compliance requirements. This includes regulations such as PCI-DSS that requires companies to deploy file integrity monitoring for critical system and application files changes. Detecting that an important operating system binary like svchost.exe was recently modified is very different from preventing the modification in the first place. Symantec Embedded Security: Critical System Protection lets you configure and use both detection and prevention as needed to address your auditing, compliance, and security requirements. Protection Intrusion Prevention System Hardening Application Whitelisting Application Sandboxes Vulnerability & Patch Mitigation Detection Real-Time Monitoring & Auditing File Integrity Monitoring Configuration Monitoring User Access Tracking Logging & Event Reporting 1

System Hardening and Application Control Controlling what applications can run on your ATM devices is one of the most vital steps to protecting against unauthorized access and attack. Symantec Embedded Security: Critical System Protection policies provide thousands of pre-built rules that comprehensively monitor and harden the operating system of enterprise systems and require minimal tuning. Memory controls detect buffer overflows and unusual memory allocation and permissions complimenting an effective device hardening strategy. Single use devices such as ATM terminals perform predictable functions, meaning the device should always be in a known state, with known applications performing known behavior Symantec Embedded Security: Critical System Protection can be configured to enforce application whitelisting, ensuring only predefined programs can be executed with specific attributes controlling the manner in which they are called. Furthermore, program execution can be contained within a sandbox, allowing strict control over the behavior of the application. This is particularly useful where operating system permission levels allow unnecessary actions to be carried out. Privilege de-escalation can be configured, ensuring that even an Admin user account can have its ability constrained to the minimum functions necessary for the device purpose. Adding another layer of security to your defenses, Symantec Embedded Security: Critical System Protection provides rules based system level and as well application level firewalls to block network-based attacks against your ATM's. The firewall lets you restrict which applications on ATM systems can communicate on the network, which ports they can use, and what they are allowed to talk to. To circumvent network restrictions and application controls, some cybercriminals will try to steal credit card data through physical access to an ATM. As ATM's become more advanced with computer-like characteristics, the methods for unauthorized physical access often increases. Symantec Embedded Security: Critical System Protection enables you to block and granularly control devices connected to your ATM systems' communication interfaces, such as USB ports. It can prevent all access to a port or only allow access from certain devices. The Symantec Embedded Security: Critical System Protection detection policies monitor files, settings, events and logs, and report anomalous behavior. Features include sophisticated policy-based auditing and monitoring; log consolidation for easy search, archival, and retrieval; advanced event analysis and response capabilities. To further harden the device it provides a combination of file integrity monitoring and registry integrity monitoring. Deployment Symantec Embedded Security: Critical System Protection can be deployed in managed and standalone mode. This is particularly useful for device manufacturers who create an out of the box security policy for their product ensuring the device is adequately hardened from the moment it is activated. Manufacturers, integrators and device operators may choose to deploy the agent after market on devices being newly deployed or previously installed. Administrators can opt for configurations where the agent will communicate with the management console for policy updates and reporting providing real time visibility of your security posture. Symantec Embedded Security: Critical System Protection supports modular installation of components, deploying only the code required to perform the protection and/or detection functions as defined in the agent configuration. This allows manufacturers and device operators to efficiently deploy in resource-constrained environments. Beyond Host-based Protection Controlling what can and can t be run on a machine is only part of the ATM protection story. Best practices like code signing and protection, secure management, authentication and encryption all play a part in a robust ATM security strategy. To find out more about protecting ATM s and single use devices visit http://www.symantec.com/iot 2

About Symantec Symantec Corporation (NASDAQ: SYMC) is an information protection expert that helps people, businesses and governments seeking the freedom to unlock the opportunities technology brings anytime, anywhere. Founded in April 1982, Symantec, a Fortune 500 company, operating one of the largest global data-intelligence networks, has provided leading security, backup and availability solutions for where vital information is stored, accessed and shared. The company's more than 19,000 employees reside in more than 50 countries. Ninety-nine percent of Fortune 500 companies are Symantec customers. In fiscal 2015, it recorded revenues of $6.5 billion. To learn more go to www.symantec.com or connect with Symantec at: go.symantec.com/socialmedia. For specific country offices and contact numbers, please visit our website. Symantec World Headquarters 350 Ellis St. Mountain View, CA 94043 USA +1 (650) 527 8000 1 (800) 721 3934 www.symantec.com Copyright 2015 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 9/2015 21359121

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information