14. Additional
Information
Free Security Scanner Tools
Application Scanner – discover all the apps
being used in your network
Device Scanner – discover all the devices
being used in your network
https://www.lumension.com/resources/
premium-security-tools.aspx
Reports
Whitepaper “The State of APT Preparedness”
from UBM Tech at
https://www.lumension.com/resources/
WhitePapers/The-State-of-APT-Preparedness
On-Demand Webcast “Top 9 Mistakes of APT
Victims” by Ultimate Windows Security at
https://www.lumension.com/resources/
Webcasts/Top-9-Mistakes-of-APT-Victims
Free Trial (virtual or
download)
http://www.lumension.com/endpoint-
management-security-suite/free-trial.aspx
Notes …Know your enemyOther resources = DHS, CERT, POS vendors,Infosec vendors, Bank / ACH / etc.Restrict internet access from POS systemsRemote POS hacksTarget market cap impact …~63 in late-Dec~55 at low point (early Feb)~57 nowAbout Remote POS Hacks (http://blog.icorps.com/bid/137975/New-Trend-The-Point-of-Sale-System-Hack) … There are many vulnerabilities within a PoS system - if a system is not properly protected, anyone with an inside knowledge of how the systems work can carry out a hack without much difficulty. Hackers are becoming more skilled, therefore PoS systems that used to be seen as a challenge are not as daunting as before. Because many PoS devices come pre-loaded with an operating system, the inner workings and weaknesses of that system are known to hackers. All they need to do is find an unsecured IP address or hack into a secure Wi-Fi connection if proper protections have not been put in place. A well-known weakness of PoS devices is their Internet printing protocol, which many businesses use for remote printing. Protecting your business against PoS Hacks:There are some simple and straightforward steps you can take to make your system less accessible to hackers, for example:Ensure all Wi-Fi connections on your network are secureAvoid using a Wi-Fi network name that is associated with your businessImplement a lockout system for failed login attemptsAlways change the default password for softwareFollow best practices on secure password creationUpdate your systems as often as possible – manufacturers are usually quick to respond to known vulnerabilities by releasing patches and software updatesHowever, no matter how many precautions you take, there is still likely to be one or more vulnerabilities that you are unaware of. Invest in the future of your business by hiring a reputable IT company to assess your system and identify your existing security risks.