Recommendations for securing your ATM fleet!
Logical attacks (i.e. malware & black box attacks) can impact any ATM architecture across the industry if basic security configurations are not employed. It is critical that all ATM operators remain proactive and vigilant, and support those efforts with multi-layered, logical and physical security strategies.
Edge One and NCR would like to remind all customers of the key, major recommendations for securing your ATM fleet:
Prevent booting from a removable media (including disabling auto play)
BIOS editing must be password protected
Establish an adequate operational password policy for all passwords
Implement communications encryption (SSL encryption or VPN)
Establish a firewall
Remove unused services and applications
Deploy an effective anti‐virus mechanism
NCR recommends active whitelisting applications which go beyond traditional antivirus programs
Establish a policy for secure software upgrades
Ensure the application runs in a locked down account with minimum privileges required
Define different accounts for different user privileges
Establish a regular patching process for all software installed
It is important to consider the environment, and scale the physical security protecting the ATM accordingly. ATMs in unattended public locations are at highest risk.
The following best practice guidelines for all ATM’s are strongly recommended, but specifically for those in higher risk ATM environments.