Security Management Strategies for the CIOAccess "Interview: Jim Kirkhope of NCR"
This article is part of the May 2008 issue of Seven questions to ask before committing to SaaS
Securing corporate networks against insider attacks is a difficult challenge to be sure. But how do you prevent such attacks on 1.5 million ATMs worldwide? That's the job of Jim Kirkhope, global manager for ATM network security at NCR, who sees it as an inside-out proposition and one that doesn't necessarily include traditional security software. JIM KIRKHOPE There are established ways of locking down desktops and servers. How do you secure a network of ATMs? With ATMs, the real threats are the insider threats. We have a number of things we do. The majority of the ATMs are Windows-based now. We lock the machines down to the NSA guidelines and use the XP firewall. But, really, you're never going to keep an eye on them all. There are a lot of people out there maintaining ATMs; a lot of people are touching these machines. What led to your decision not to integrate antivirus on your ATMs any longer? My feeling: AV was AV was AV. They all did the same thing. When we shipped our machines, we would integrate what the customer wanted. But in the security industry ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
SaaS Offering Handles SSO
TechFocus: New Password Hell?
- Viewpoint: Let's add policy to GRC
-
Product review: CodeArmor 2.2 for Microsoft .NET
APPLICATION SECURITY
-
Security Services: Webroot Email Security SaaS
At Your Service
-
Identity Management Suites Enable Integration, Interoperability
IDENTITY MANAGEMENT Feature-rich product suites are putting a face on integration and interoperability.
-
SaaS Offering Handles SSO
-
-
Secure Computing SafeWord 2008 product review
Secure Computing SafeWord 2008 delivers identity management and access control for Windows systems using tokens that generate secure single-use passcodes. Information Security magazine reviews these capabilities.
-
7 Security Questions to Ask Your SaaS Provider
Outsourcing software as a service (SaaS) puts control over an organization's applications in the hands of others. Learn what questions to ask your provider, how to define security policies, how to understand how service providers handle security and ensure enforcement of policies.
-
Product review: Symantec Database Security 3.1
DATABASE SECURITY
-
5 Steps for Developing Strong Change Management Program Best Practices
Poor change control and configuration management can affect the security of your systems and networks. Follow these five steps for a strong change management program.
-
Product review: Mandiant Intelligent Response 1.0
INCIDENT RESPONSE
-
Secure Computing SafeWord 2008 product review
-
Columns
-
Interview: Jim Kirkhope of NCR
PING: Jim Kirkhope
-
Face-Off: Is vulnerability research ethical?
Bruce Schneier and Marcus Ranum debate the ethics of vulnerability research
-
Reasearch on Coding Backdoors Presents Ugly Picture
Editor's Desk: Backdoor Bedlam
-
Security, Privacy Offices Must Combine Resources
Perspectives: Nowhere to Hide
-
Interview: Jim Kirkhope of NCR
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...