CONTINUE TO SITE »
or wait 15 seconds

Blog

Lift the flap ... what's behind it?

In the payments business, an entire industry focused on security is taking shape behind the scenes. The question is who else might be lurking back there, as well.

October 28, 2014 by Richard Buckle — Founder and CEO, Pyalla Technologies, LLC

While walking along the famous Pearl Street Mall in Boulder, Colorado, I happened upon an ATM that caught my interest.

I thought it was simply down for repairs until my wife, Margo, took a second look and we figured out what was going on. The machine was fitted with a crudely fashioned black plastic cover covering the screen.

Our immediate reaction was that someone had added an extra security feature to protect the screen from breakage — after all Boulder is a big college town with popular bars on the other side of the mall.

But in the end, we realized that the thoughtful folks who owned the ATM had provided a simple way to ensure a glare-free screen — this one faced due west and was practically unreadable in the afternoon light. All up, a simple solution, despite the crudeness of its implementation.

 

 

 

 

 

 

The folks who owned the ATM had provided
a simple way to ensure a glare-free screen.

For the payments industry perhaps the real question should be what's behind the flap and, more to the point, who else is looking behind it.

In her latest interview with Fortune magazine, IBM CEO Ginni Rometty spoke of her own reinvention plan for IBM, which involves trying to get the company to concentrate on three core areas — big data, the cloud, and what she calls simply "engagement" (that is to say, mobile and social technologies). More specifically, I have to believe, secure engagement is the implication.

This follows similar sentiment over at HP where CEO Meg Whitman recentlky reiterated that the new Hewlett-Packard Enterprise — half of the former HP following the recent announcement of a split — "will have a unique portfolio and a strong, multiyear, innovation roadmap across technology infrastructure, software and services to allow customers to take full advantage of the opportunities presented by cloud, big data, security and mobility in the new style of IT."

If anything, security is at the top of everyone's list. In a recent interview, DataExpress Founder and President Michelle Marost said, "I think the answer here is security, knowing where any file is at any time. Since early DataExpress customers were the banks, it was critical to know where each file was in the flow."

This may sound simple enough, but the folks at DataExpress move all the money around using secure managed file transfers as part of the process after transactions are completed.

"This is the year of security," said DataExpress Senior Analyst Susan Raye. "What I am seeing within the customer base is a recognition that you can't just pull down a security module and believe you are all right. This is our area of core competence and we continue to listen to our customers as they consider anything new that appears in the marketplace."

It's clear that hacking itself has become a disruptive technology or, at least, practice. The more I talked to DataExpress executives, working as closely as they do to the financial industry, the more I came to realize that behind the flap, as it were, is an emerging industry focused entirely on security.

And then, more headlines appeared this week and I realized that our "year for security" isn't over yet.

On Oct. 20, under the headline, "Officials warn 500 million financial records hacked," USA Today reported:

Federal officials warned companies Monday that hackers have stolen more than 500 million financial records over the past 12 months, essentially breaking into banks without ever entering a building. The U.S. financial sector is one of the most targeted in the world, FBI and Secret Service officials told business leaders at a cybersecurity event organized by the Financial Services Roundtable. The event came in the wake of mass hacking attacks against Target, Home Depot, JPMorgan Chase and other financial institutions.

More revealing were the comments from the FBI. "We're in a day when a person can commit about 15,000 bank robberies sitting in their basement," Robert Anderson, executive assistant director of FBI Criminal Cyber Response and Services told USAToday.

Even more chilling, "You're going to be hacked," FBI cyberdivision assistant director Joseph Demarest told business leaders. "Have a plan."

A day later, the New York Times Bits blog reported that Staples had been hit by hackers. Furthermore, it said:

This month, Sears Holdings Corp. reported a data breach at its Kmart stores, as did Dairy Queen, the food chain. Other recent breaches at retailers have affected Target, Supervalu, Home Depot, Sally Beauty, Neiman Marcus, United Parcel Service, Michaels, Albertsons and the P. F. Chang's restaurant chain. Each company had its in-store payment systems compromised with malware over the last year.

Payment systems compromised? 15,000 bank robberies carried out from a basement! You're going to be hacked — have a plan?

Returning to the observations of DataExpress' Marost:

Our clients know that moving data securely and efficiently is critical to their business. Anyone can move bits and bytes between business units, customers and machines, but have you asked yourself if your business, your relationships and your reputation could survive intact should the integrity of that data be compromised.

The ATM on Pearl Street with its odd-looking plastic flap might be old technology, but just how much attention are we paying to what's really going on behind the ATM itself?

If it's one of our ATMs on our payments platform, do we have a plan? Have we truly locked down everything? Or has our weakest link become an open-source tool, moving data that anyone in any basement can hack in an instant?

photo courtesy jason taellius | flickr

About Richard Buckle

Richard Buckle is the founder and CEO of Pyalla Technologies, LLC. He has enjoyed a long association with the Information Technology (IT) industry as a user, vendor, and more recently, as an industry commentator, thought leader, columnist and blogger. Richard participates in the HPE VIP Community where he is part of their influencer team.

Connect with Richard:

Related Media




©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'