Open A Service Order 800-423-3343 (EDGE)

ATM Software Maintenance and Security - Edge One

Software Maintenance

divider

image of a hand interacting with ATM software

Recommendations for securing your ATM fleet!

Logical attacks (i.e. malware & black box attacks) can impact any ATM architecture across the industry if basic security configurations are not employed. It is critical that all ATM operators remain proactive and vigilant, and support those efforts with multi-layered, logical and physical security strategies. Keeping up with ATM software maintenance is a must.

Edge One and NCR would like to remind all customers of the key, major recommendations for securing your ATM fleet:

Software Security

Prevent booting from a removable media (including disabling auto play)

BIOS editing must be password protected

Establish an adequate operational password policy for all passwords

Implement communications encryption (SSL encryption or VPN)

Establish a firewall

Remove unused services and applications

Deploy an effective anti‐virus mechanism

NCR recommends active whitelisting applications which go beyond traditional antivirus programs

Establish a policy for secure software upgrades

Ensure the application runs in a locked down account with minimum privileges required

Define different accounts for different user privileges

Establish a regular patching process for all software installed

Physical Security

It is important to consider the environment, and scale the physical security protecting the ATM accordingly. ATMs in unattended public locations are at highest risk.

The following best practice guidelines for all ATM’s are strongly recommended, but specifically for those in higher risk ATM environments.

Utilize an alarm that will alert when the Top Box is opened

NCR Skimming Protection Solution provides this functionality

Card Reader Guards (CRG) – The addition of a bar that makes it virtually impossible for the type of applique, or overlay skimmers

L3 Dispenser – Dispenser encryption is enabled by default on all SelfServ ATMs, however, the authentication level must be configured to L3

NCR also recommends the use of other deterrence methods such as; Surveillance monitoring, which will also detect and record suspicious activities around the ATM

Adequate ambient lighting

Call us today at 1-800-423-3343 and let us know how we can help you with your software and Security needs.