Presentation Title 9/20/2019 1 CyberSecurity Self Service Devices Humberto Gonzalez Arias Director Seguridad DN Mexico & LAM [email protected]September 2019 1| DIEBOLD NIXDORF | ATMIA MEXICO | CUSTOMER CONFIDENTIAL Leveraging our Substantial Expertise to Benefit Customers
14
Embed
PotLuck Forum - CyberSecurity Self Service Devices · 2019. 9. 20. · Presentation Title 9/20/2019 1 CyberSecurity Self Service Devices Humberto Gonzalez Arias Director Seguridad
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Understanding ATM malware threatsVynamic Security, 3 components catering for specific security requirements
Intrusion Protection
Hard Disk Encryption
Access Protection
PrePrePrePre----FabricatedFabricatedFabricatedFabricated security policy enforcing industry and security best industry and security best industry and security best industry and security best practicepracticepracticepractice, delivering compatibly and compliance e.g. SANS, SANS, SANS, SANS, NIST, PCI NIST, PCI NIST, PCI NIST, PCI etc.
Mitigating potential risk Mitigating potential risk Mitigating potential risk Mitigating potential risk by reducing the inherent Operating System attack surface
Industry compatible User and User Group Industry compatible User and User Group Industry compatible User and User Group Industry compatible User and User Group privilege policy privilege policy privilege policy privilege policy for both AD and non-AD driven environments
Extended event logging Extended event logging Extended event logging Extended event logging enabling the support audit trail creation /
Understanding ATM malware threatsVynamic Security, 3 components catering for specific security requirements
Access Protection
Hard Disk Encryption
Intrusion Protection
RealRealRealReal----Time Time Time Time protection protection protection protection and alerting againstagainstagainstagainst both known and unknownunknownunknownunknownthreats delivering so-called zerozerozerozero----day day day day protectionprotectionprotectionprotection
Protection based on behavioral Protection based on behavioral Protection based on behavioral Protection based on behavioral and not static rules covering all aspect of the runtime environment
Protection against unauthorized usage of Protection against unauthorized usage of Protection against unauthorized usage of Protection against unauthorized usage of USB USB USB USB peripheral devices (USB devices,
hard/thumb drives etc.)
Upholding the integrity Upholding the integrity Upholding the integrity Upholding the integrity ofofofof the complete runtime runtime runtime runtime environmentenvironmentenvironmentenvironment incl. all file types, registry, binaries etc.
Secure (remote Secure (remote Secure (remote Secure (remote –––– local) software installation local) software installation local) software installation local) software installation process process process process for all Sw. packages independent of Sw.
distribution solution
Protection against Protection against Protection against Protection against memory attacks memory attacks memory attacks memory attacks and unauthorized access / usages
Understanding ATM malware threatsVynamic Security, 3 components catering for specific security requirements
Access Protection
Intrusion Protection
Hard Disk Encryption
Military grade Military grade Military grade Military grade - National Security Agency (NSA) approved AES-256 bit real-time encryptionencryptionencryptionencryption.
Retro fittable Retro fittable Retro fittable Retro fittable via either remote (via Sw. distribution) or locally (technician)
Supporting TPM Supporting TPM Supporting TPM Supporting TPM (Trusted Platform Module) for storing the encryption /
decryption keys
Central management Central management Central management Central management of all configuration capabilities incl. incl. incl. incl. RecoveryRecoveryRecoveryRecovery and Forensic Forensic Forensic Forensic toolsettoolsettoolsettoolset
RealRealRealReal----TimeTimeTimeTime on-the-fly data Encryption Encryption Encryption Encryption ----decryptiondecryptiondecryptiondecryption