Category Archives: Security Kiosk

CyberSecurity Kiosks Help Companies

Reprinted from Olea Kiosks

Portable media remains one of the key ways hackers infect a company’s network

Anyone who’s ever dropped of their child at a daycare is familiar with the scenario. If one child has a virus, it’s only a matter of time until all the other kids pick it up as well.

It’s the same with digital storage devices. Introducing USB drives, media cards or data disks into company computers can be just as risky as having your child spend the day with a sick kid.

Sure, it’s likely there’s no bad intent. It may simply be to copy a few files to work on over the weekend, or just to bring some favorite tunes into the office to help make the day more enjoyable. But portable drives are like those sick kids at the daycare.  The worst-case scenario involves the spread of a nasty virus that can end up costing a parent (or a company) thousands of dollars to fight.

The bigger the corporation, the greater the risk. In addition to a greater number of employees who may use portable drives, larger corporations are likely to use contractors to perform maintenance on equipment that may provide an access point to internal networks.

Think the risk is overblown? A recent story on ZDNet detailed how a third-party worker inserted a USB drive into a computer on a cargo ship, inadvertently planting a virus in the ship’s administrative systems. The systems of another cargo ship were infected for more than two years, thanks to a virus that was introduced to its power management systems via a USB drive used in a software update. Luckily, nether incident affected the ships while they were at sea.

In another story that would be laughable if it wasn’t true, Taiwan’s Criminal Investigation Bureau handed out 250 USB drives to winners of a quiz on cybersecurity. The bonus? At least 54 of the drives were infected by a virus that had made its way from the computer of an employee of the hardware manufacturer.

Olea California Cyber-Security Malware Scanning Kiosk

And in yet another situation, reported on KrebsOnSecurity.com, the American Dental Association admitted that it may have inadvertently mailed malware-laced USB drives to thousands of dental offices around the country.

The drives contained information about updated codes that dental offices use to track procedures for billing and insurance purposes. Unfortunately, the drives also contained a program that attempted tries to open a Web page used by hackers to infect visitors with malware, ultimately giving criminals full control of the infected Windows computer. The ADA told Krebs the drives were manufactured in China by a subcontractor of one of its vendor, and that about 37,000 of the devices had been sent to dental offices.

With the risks involved in using portable drives, what can a company do to protect itself?

Stop problems at the front door

Organizations in a variety of industries require secure networks that serve critical infrastructure, mission critical processes, or are otherwise vital to business operations. Critical networks monitor and control physical equipment and processes, often found in industries that manage critical infrastructure, such as energy, oil & gas, water and utilities, but also in manufacturing, pharmaceuticals and government defense networks. Critical networks are also found in air and road traffic control, shipping systems, as well as other industries.

These networks are often targeted by professional hackers, and in some cases even by government supported actors. These sophisticated hackers frequently use zero-day attacks which cannot be detected by traditional signature-based security tools. In addition, malware continues to grow both in volume and in complexity, with new variants increasingly evading even more advanced security systems such as malware sandboxes. In 2018, we saw Shamoon malware used to attack energy facilities around the globe and the Triton cyber attackshut down a number of industrial facilities.

To guard against outside attacks, networks are often air-gapped or somehow isolated from the rest of the organization’s infrastructure.

One way to ensure network security, of course, is to completely ban the use of outside drives with company equipment. Unfortunately, in many situations that’s just not practical. For example, operating systems and software need to be patched and critical system logs need to be collected. It may also be an outside firm making an on-site sales pitch using a presentation brought in on a CD or flash drive, or it could be an employee using their personal device to transfer files to work on over the weekend. It could be a doctor at the local hospital copying X-ray images to take back to their office.

And chances are that most of us have three or four flash drives sitting on their desk, purchased at the local drugstore, picked up as swag at an industry trade show or even found lying near a computer in a conference room. If we needed on in a hurry, we’d likely grab one of those without giving it a second thought.

Anyway, who wants to work in a cubicle farm where bringing in some Taylor Swift to pass the time is against the rules?

Securing the network against threats

With that in mind, how does the organization create a data transfer process to securely move files in and out of the critical network without exposing it to a risk of infection or the loss of sensitive information?

A more sensible way to address network security might be to allow the use of portable drives, but insist those drives be scanned before being used at the office. It’s sort of like signing up for daycare services but getting a full medical workup on all the other kids before trusting them with your own child.

Enter the Cybersecurity kiosk

One tool for accomplishing such a task is the California Cyber Security Kiosk, manufactured by Olea Kiosk. Olea created the California to help companies safeguard their infrastructure from malware threats on removable devices brought in by employees, contractors, vendors and others.

The California safeguards critical networks by providing the ability to detect malware, as well as control and sanitize file contents before entering or leaving a secure network. The kiosk can be deployed at strategic locations throughout your organization where employees or guests may be entering with USB drives or other portable media that could contain malicious files. A notice that portable drives need to be scanned before being brought on site can be included in employee training materials, while receptionists or other greeters can direct contractors or third-party vendors to scan any drive they plan to use while at work.

Using OPSWAT’s Metascan multi-scanning technology, Olea’s kiosk can scan USB drives, Blu-ray/CDs/DVDs, and other portable media using up to 30 fully-licensed antivirus engines. The kiosk offers an array of features including a 15-in-1 media reader, a receipt printer, a robust Dell CPU, two external USB ports and a UPS battery device that continues power during an electrical brownout.

The kiosk’s stylish design allows it to provide functionality while at the same time enhancing the look of employee entrances or office lobbies.

Nearly every day brings news of a data breach, ransomware attack or other virus issue that brings a company to its knees, and those threats continue to grow. The 2018 Global Threat Report indicates that more than 7 in 10 of all organizations in the US were affected by a data breach in some way over the past few years. Other studies peg the cost of a data breach at an average of $3.62 million.

Don’t be one of that 70 percent. If you need protection from the cybersecurity risks of using portable media, Olea Kiosks stands ready to help!

Contact Olea Kiosks today at 800.927.8063 for more information

 

Related Information

Kiosk Security – Tokenworks Selects Acuant to Combat Influx of Fake IDs

Provides Age Verification Solutions for Hospitality, Security and Cannabis Dispensaries

ID Detection Kiosk
IdentiFake ID Verification Solution Fake ID Detection for Casinos, Cannabis Dispensaries and merchants who are required to verify identification to minimize risk.

Acuant, a global provider of identity verification solutions, today announced that Tokenworks® Inc, a leading provider of ID scanners and identification software, selected Acuant’s AssureID to enhance TokenWorks’ advanced identity verification system IdentiFake®. Together, both companies will help customers across the hospitality, security and cannabis dispensary markets detect fraudulent identification and meet stringent industry compliance regulations.

“There is a growing need for higher-level identity verification, especially for companies operating casinos or dispensaries. These industries are highly regulated – especially those selling cannabis – so the stakes are higher for misidentifying a fraudulent consumer ID,” said Charles Cagliostro, President, Tokenworks, Inc. “With Acuant we’re able to offer our customers peace of mind by providing them with an easier, quicker and more effective method to catch forged or ‘fake’ IDs. Acuant’s technology is proven as best-in-class and allowed us to rapidly provide a sophisticated ID verification solution.”

AssureID powers Tokenworks’ IdentiFake® System to quickly perform dozens of forensic checks and detect microprint, holographic and other security features. Using AssureID’s patented process, the solution extracts biometric and alphanumeric data contained in an identity document to authenticate it by applying 50+ forensic document-specific tests in seconds. The IdentiFake software is currently being operated by casinos, banks, liquor stores, bars and nightclubs, and cannabis dispensaries, as well as any organization that has a high risk of loss associated with performing a transaction with fraudulent identification.

“Organizations across all industries are increasingly serious about fighting identity fraud. But for some, it’s more important than ever to have a trusted and reliable identity verification process in place,” said Yossi Zekri, president and CEO of Acuant. “Tokenworks understands the needs of its customers and delivers products that consistently deliver results. We’re thrilled they chose Acuant to help power their advanced IdentiFake ID verification solution.”

About Acuant

Acuant is an identity verification platform that instantly reduces fraud while providing seamless customer experiences. Solutions include intelligent data capture and auto-fill software, identity document authentication, chip and e-Passport authentication with PKI, facial recognition software and expert manual review of documents. Human assisted machine learning powers the largest ID library processing 196+ countries monthly and having completed more than 3 billion transactions worldwide. Acuant mitigates risk and meets regulatory requirements such as KYC and AML, while protecting PII. Partners include start-ups, Fortune 500 and FTSE 350 organizations in all industries. For more information, please visit acuantcorp.com.

About TokenWorks

TokenWorks, Inc manufactures and empowers advanced Driver License Scanning and Age Verification solutions, matching best-in-class hardware and custom-developed software elements to create solutions that help businesses gain confidence and accuracy in their ID Scanning practices. In business since 1998, TokenWorks serves thousands of customers across the US and Canada. For more information, please visit TokenWorks.com or its ecommerce store at IDscanner.com.

PR Contact:
Malini Gujral
Acuant
213-867-2625
marketing(at)acuantcorp(dot)com

Charles Cagliostro
TokenWorks
914-704-3100
sales(at)tokenworks(dot)com

Camlock Systems Launches LinkedIn Company Page

Camlock Systems Ltd has launched its company page on the professional social network LinkedIn. Camlock’s followers can now obtain expert security advice, gain company insights, read market news and participate in related discussions.

Camlock Systems’ locking security experts work in partnership with customers to supply or to design, develop and manufacture mechanical and electronic locking security using innovative technology.

By following Camlock Systems on LinkedIn, interested individuals have the opportunity to learn about products, markets, partnerships, career opportunities, Camlock’s team, and more.

LinkedIn further enables people to engage with Camlock Systems and their security experts, either by sharing and commenting on posts or by approaching a team member directly.

Camlock’s products are widely used in the self-service industries including vending machines, gaming machines and kiosk terminals as well as infrastructure and utilities cabinets and enclosures.

Rebecca Koch, International Marketing Manager at Camlock Systems, says: “LinkedIn will give our followers and us the chance to get to know and inspire each other. I would like to encourage everyone who is interested in locking security to connect with us.”

Follow us on LinkedIn under https://www.linkedin.com/company/camlock-systems-ltd or visit our website www.camlock.com for further information.

PCI Compliance – EMV Is ‘A Colossal Waste of Time’ for Retailers: Report

IHL, which tracks retail payment trends, has slammed EMV in a recent report, calling it “a colossal waste of time, effort and capital to the retail industry.”

Source: www.paymentssource.com

Major holdup for EMV is that the banks are going to charge more per transaction to do EMV.  That’s a break in tradition where usually the more secure transaction has fewer fees since fewer problems. Card present transactions are cheaper for businesses than card-not-present for example.

Kiosk Security – KIOSK Information Systems Using Intel Security McAfee

Intel Security today announced they are collaborating with KIOSK Information Systems (KIOSK), the global leader in custom self-service solutions, to provide even better retail kiosk security options. KIOSK provides licensing options for deployers to secure their self-service retail platforms with Intel® Security’s McAfee Integrity Control™ technology before shipment and installation, enabling safer connected Internet of Things (IoT) devices used by consumers and global retailers. 

Source: www.marketwatch.com

Security takes on new significance every day.  Ideally some sort of protective framework  is used in conjunction with industrial long life cycle PC.  Using corporate PCs requires scrubbing.

Security kiosk – Olea Anti-Malware Security Kiosk

OLEA’S ANTI-MALWARE SECURITY KIOSK FEATURING OPSWAT TECHNOLOGIES

Cyber security has been at the forefront of the news with major security breaches impacting some of the largest companies in the United States, including JP Morgan Chase, Staples, eBay, Home Depot and more[1].

In addition to traditional online methods of transferring viruses and malware, hackers have now begun to use portable media, such as USB “jump drives,” as a way to infiltrate secure networks.  In 2012, two U.S. power plants were infected by viruses that gained access to the highly secure networks through the use of USB sticks[2].

As a result, it is more important than ever to not only secure the computers and devices that have constant access to a network, but also ensure that any portable media has been thoroughly screened for viruses and malware.

Olea Kiosks has partnered with OPSWAT to provide a highlysecure anti-virus and anti-malware kiosk solution that will run OPSWAT’s Metascan software on portable media to prevent virus attacks that are perpetrated through portable media.

The California Kiosk is the latest kiosk model launched by Olea Kiosks, an award-winning kiosk manufacturer.  The California is a sleek unit with a small footprint that makes it a versatile interactive kiosk solution for any deployment.  The California comes with a universal device reader on the front panel for quick and easy scanning of any portable media, such as a USB drive or a DVD.  The internal components are easily accessed through the front panel, but in order to ensure that the highest security protections are maintained, the entire unit comes outfitted with highly secure locks to deter unintended access.  In addition, the kiosk is fully ADA compliant, so it is a great solution for government agencies.

Like Olea’s California Kiosk, OPSWAT’s Metadefender software is a cutting edge cyber security solution.  Metadefender utilizes OPSWAT’s Metascan security software to detect and prevent both known and unknown security risks based on a complex set of APIs.  Any possibly malicious file is flagged and quarantined to prevent any further access.  Metadefender is easily configured through a web-based interface to allow for multiple security rules based on varying security privileges and access levels within an organization.

The industry leading technology of the Metadefender software and the Olea California kiosk combine to provide a best-in-class cyber security anti-malware solution.  This cyber security kiosk can be deployed both connected to a network or in an offline/air-gap environment.

Contact Olea Kiosks today to find out how Olea’s anti-malware security kiosks can enhance the security of your network.

 


[1] http://www.usnews.com/opinion/blogs/world-report/2014/12/31/after-a-year-of-major-hacks-2015-resolutions-to-bolster-cybersecurity

[2] http://www.power-eng.com/articles/2013/january/two-us-power-plants-fall-victim-to-viruses.html