Asset protection

Tuesday, 8 July 2003, 9:18 AM EST

Banks come in all shapes and sizes, from global financial services firms down to the smallest credit unions. But finding better ways to ensure security is a common concern. Large banks face another challenge - the need to deploy data-management tools as data volumes grow.

Finding ways to identify the holes in applications and patch them is a top priority because of the many computer worms and hacker assaults that are aimed at exploiting specific software vulnerabilities. "We have to apply patches nearly every day," says Bill Arnold, IT manager at Purdue Employees Federal Credit Union in West Lafayette, Ind.

The credit union uses a mix of Unix, Linux and Windows servers and desktops. While the patching job had been manual until recently, the bank now uses a tool from SecurityProfiling to automate the patch process for some of its computers. SecurityProfiling's software agents sit on servers and receive and install software patch updates.

However, Arnold says it's hard to feel the battle can be completely won. For example, Microsoft Corp. doesn't provide patches for some of the older software the credit union still uses. The organization eventually will upgrade to newer desktop software, but the patch management problem remains a tough one to solve.

[ Read more ]


MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection

The device can wirelessly spoof credit cards/magstripes, disable chip-and-PIN protection, and predict the credit card number and expiration date of Amex cards after they have reported stolen or lost.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th