This Q&A with Diebold Nixdorf experts Julie Osborne, Global VP and Head of Services and Martin Nearhos, Principal Security Architect—Global Services Portfolio, was conducted by RBR Banking Automation Bulletin for their September 2018 issue and is reprinted here with permission.
RBR: Why are financial institutions having difficulty managing their self-service security?
Martin Nearhos (MN): Maintaining the security of end customers’ assets and information has always been a high priority for the industry, but threats against the self-service banking channel have evolved, and it is now much harder to keep up. Attacks against ATMs have traditionally been regionally isolated or slow-moving, but this is no longer the case. We are now seeing increasingly complex attacks – such as varied forms of jackpotting – taking place across the globe, while the threat of traditional physical attacks has never gone away. It is a lot to combat.
Julie Osborne (JO): Financial institutions also do not have the time or in-house expertise to keep security measures up to date. Banks and credit unions are under constant pressure to do more with less as retail banking paradigms shift, and even if financial institutions wanted to hire in-house security specialists, these resources are expensive and in high demand as businesses and governments fight cyber security threats.
There is also the constant pressure to stay compliant with security regulations and industry standards. ATM security service providers can help relieve the burden of staying on top of changes and staying protected against attacks.
RBR: What is the alternative to self-management of ATM security?
JO: It is increasingly popular for financial institutions to work with organizations such as Diebold Nixdorf that have intimate knowledge of the ATM channel and offer specialized security services as part of ATM fleet management arrangements. They want someone with 24/7 Secure Operations Centers for monitoring and who can take care of all necessary maintenance and hardware and software upgrades for them. Some financial institutions do not have the capability in-house to reliably maintain secure ATM environments, and others would simply rather have someone else handle it because it is a specialist capability.
RBR: What is Diebold Nixdorf doing to align with this trend?
MN: We have rolled out our ‘Managed Security Services’ offering as part of DN AllConnect Self-Service Fleet Management Services?. These services, in general, are designed to take the burden of effectively managing an ATM fleet off the financial institution, and Managed Security Services tap into Diebold Nixdorf’s global experience securing customer data, channels and endpoints against physical and digital threats.
JO: That’s right. Managed Security Services are designed to:
Ultimately, we provide multilayered protection and real-time information to ensure we have the visibility to keep customers’ ATM networks protected and available while also providing the information they need for effective ATM security audits.
RBR: What does an engagement like this look like for a customer? What options do they have?
MN: An existing customer who is already using Self-Service Fleet Management – a suite of services designed to run multivendor self-service devices – can decide what level of protection makes sense for their organization based on their business and operational risk. With a new customer, all the fleet details would be analyzed, then the customer would select the appropriate security services. We offer a basic ‘everyone needs this’ level of protection called Security Core Services and a more comprehensive tier called Security Enhanced Services.
When a customer has Diebold Nixdorf’s Managed Security Services, we can proactively monitor the ATM for suspicious activity, protect terminals more effectively in real time, respond quickly when attacks are detected and engage with the customer to resolve the incident.
RBR: Why do customers choose Diebold Nixdorf to provide these services?
JO: There are a number of companies that offer some form of enterprise Managed Security Services, but few can provide comprehensive protection at the ATM channel.
RBR: How are customers responding?
JO: The response to Managed Security Services has been quite positive. Threats against the self-service channel aren’t going away anytime soon, but with these services, financial institutions can spend less time trying to prevent attacks and spend more time with their customers, growing their business.
MN: Right. And while Managed Security Services have been rolled out across the globe, the services continue to evolve. There are a number of exciting developments in the pipeline, so those who start benefiting from our Managed Security Services today know they can only expect more value in the future. We are also working on a similar offering for endpoint protection in retail environments, and we look forward to debuting that in the near future.
Ready to refresh your approach to security? Learn more at DieboldNixdorf.com/Security.