security and pos best practices peter harris...
TRANSCRIPT
![Page 2: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/2.jpg)
Session Overview
Are you leveraging best practices to ensure the inherent
security of 4690? Attend this informative session to learn
what they are and how they can be applied.
![Page 3: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/3.jpg)
Agenda
4690 OS Security Functions including Hardware, and
ACE
Best Practices
4690 OS Security Case Study
![Page 4: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/4.jpg)
Who is next…
![Page 5: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/5.jpg)
4690 SECURITY
FUNCTION
![Page 6: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/6.jpg)
4690 OS - a track record of success in retail
Designed specifically for retail store environments‒ Reliable, secure and flexible‒ Thin Client
Rock solid performance ‒ Approaching 1 million installations worldwide
Smallest footprint of any proven retail operatingsystem today
Dial-tone reliability – trusted 24 x 7 x 365
16 of the top 25 retailers run 4690 OS
TGCS 4690 Embedded Linux based Operating System is the premier point-of-sale platform in the
retail industry today, delivering broad functionality and remarkable reliability.
![Page 7: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/7.jpg)
4690 OS – Data Integrity and Security• Data Integrity
– Guaranteed data writing
– Mirrored file capability
– Totals retention
– Terminal storage retention
• Security
– Multilevel access authorization
– Enhanced user security with V5 & V6
• OpenSSH, Secure Telnet, Secure FTP
– Directory Services with V6.3
– Whitelisting and File Integrity Monitoring with V6.5
![Page 8: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/8.jpg)
TGCS Security Bulletins
TGCS Security Workgroup Communications
– Controlled Distribution to 4690 OS Entitled Customers
– Currently by Marketing Flash to TGCS Sales Team and Business
Partners for Customer Delivery
– Future Plan via Entitled Customer Only Web Portal
![Page 9: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/9.jpg)
Toshiba 4690 OS Security and Hardware Terminal Hardware
‒ 4690 terminals don’t require a hard disk or CD-ROM
‒ No auto-run for devices in USB ports or CD-ROM
‒ Keylocks
• Keyboard
• Cash Drawer
• Printer - Journal Station
Operator Authorization (Application)
Controller Hardware
‒ No auto-run for devices in USB ports or CD-ROM
‒ Controller only drives your POS front end
‒ Remote access: use Secure Shell (SSH) or Netop
‒ Console ID Security & FTP Lockout
‒ SSDs
![Page 10: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/10.jpg)
Toshiba 4690 OS Security 4690 OS Architecture
– Controls on File Management
– Media-less terminals
– Special Image Build Tools
– Software Distribution Methods
– Embedded Linux Layer is locked down
Windows Programs will not execute on 4690 OS
– Modern Win net protocols typically do not work with 4690 OS
Limited pool of deep 4690 OS skills available in the marketplace WW
– Hackers will have to acquire 4690 skills
– Product Documentation removed from external website
![Page 11: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/11.jpg)
Security Functions in the 4690 Operating System
Enhanced Security
Directory Services / Open LDAP
SSH / SFTP
Console ID Lockout / FTP ID Lockout
Netop
Data Security for Payment Cards
Command Line Logging
SSL Certifications
Secure Delete
Encrypt Tool
MBrowser
Enhanced Menu
SSD Support
FIM
White Listing / Audit / Block
![Page 12: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/12.jpg)
4690 OS – Security 4690 OS
– No user access to 4690 Linux core
– It’s not a general purpose OS
– Multilevel access authorization
– Whitelisting with V6.5
Enhanced Security
– Supports various password rules
Directory Services / Open LDAP
– Enterprise management of IDs and passwords
![Page 13: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/13.jpg)
4690 OS – Whitelisting File Integrity Monitor (FIM)
– Customer creates base line of “golden” system
– Customer periodically runs scans of store controllers, pulling results and
comparing with previous scans for unexpected file changes
Whitelisting
– Customer creates authorized program list using “offline scan” tool
– Each file included on the Whitelist has a signature
– Each open request verifies signature if the file is on the Whitelist and if
signature matches
• Report Exception Mode: Provides trace logging and system events for file
status, but allows all opens to proceed
• Protect Mode: Prevents execution of all files that do not match the
signature. Files can be defined to always be blocked.
![Page 14: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/14.jpg)
BEST PRACTICES
![Page 15: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/15.jpg)
4690 OS Security with ACECash Register/POS Security Action 4690/ACE Solution CapabilitiesInstall Payment Application Security Standard-
compliant payment applications.
TGCS payment application are designed to the
PA-DSS standard and reviewed by an
independent assessor. The PCI website has the
current list of validated applications. You will find
ACE V7R3, V7R4, and V7R5 in the list of
validated payment applications.
https://www.pcisecuritystandards.org/
Deploy the latest version of an operating system
and ensure it is up to-date with security patches,
anti-virus software, file integrity monitoring, and
a host -based intrusion-detection system.
• Toshiba monitors and incorporates latest Linux
security patches in 4690 Enhanced
• Toshiba monitors 4690 Classic issues for security
concerns
• See below for File Integrity Monitoring (FIM)
response
Assign a strong password to security solutions to
prevent application modification.
4690 provides password hashing (SHA1) with an
update in 0F10
Perform a binary or checksum comparison to
ensure unauthorized files are not installed.
4690 has a built-in Report Module facility that can
be used as the first line of defense in terms of file
integrity management.
![Page 16: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/16.jpg)
4690 OS/ACE Security Best PracticesCash Register/POS Security Action 4690/ACE Solution Capabilities
Ensure any automatic updates from third parties
are validated.
4690 does not perform automatic updates for
third party software
Disable unnecessary ports and services, null
sessions, default users and guests.
• By default, ports and services are disabled, and
have to be turned on by the administrator
• 4690 does not support null sessions
• Administrator responsibility to change default
user/password
Enable logging of events and make sure there is
a process to monitor logs on a daily basis.
4690 has extensive logging capabilities and
coupled with the RMA Data Capture software,
logs can be automatically pulled back to a central
location for further analysis
Implement least privileges and ACLs on users
and applications on the system
• 4690 Enhanced applications do not have root
privileges
• 4690 provides fine-grained access control to OS
menu options
• Our applications provides additional per-user
access control to actions
Implement hardware-based point-to-point
encryption
• ACE V7R4 and higher provides support for
TransArmor Verifone Edition (TAVE)
![Page 17: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/17.jpg)
Security / Compliance with Verifone and First Data End-to-End Encryption – Verishield Protect
– Encrypts data at swipe of card
Tokenization - Transarmor (list of TAVE)
– Protects card data and prevents it from entering the merchant environment
– POS never holds actual card numbers from the transactions
– Removing payment card data from POS removes it from PCI scope
• Can reduce the scope of annual PCI audits by as much as 80%
• Can reduce the time PCI compliance requires by as much as 50%
ACE supports First Data’s
tokenization function for
credit, debit, and EBT
Food/Cash tenders
![Page 18: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/18.jpg)
Best PracticesLatest software (install security patches)
Limit/avoid shared passwords
Define network zones
Use multi-factor authentication
Define, set & adhere to permissions/access
Use the functions provided
Find the right partners
BE VIGILANT!
![Page 19: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/19.jpg)
4690 OS SECURITY
CASE STUDY
![Page 20: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/20.jpg)
A 4690 OS customer hired a “white hat hacking”
company to perform a penetration test of their live
system.
They agreed to allow us to present the results, given
that no identifying information be included.
4690 OS Security Case Study
![Page 21: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/21.jpg)
1.Issue Title: Insecure Protocols
Severity: Severe
Description: telnet ftp enabled
Vendor/TGCS recommendations: Enable SSH
2.Issue Title: Sensitive Information in Memory Dumps
Severity: High
Description: Card data in memory dumps
Vendor/TGCS recommendations: Enable “Data
Security” (V6R4)
4690 OS Penetration Test Results
![Page 22: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/22.jpg)
3.Issue Title: Insufficient Server Hardening
Severity: Severe
Description: Unneeded services and ports available
Vendor/TGCS recommendations: Create a standard
configuration enabling only appropriate ports, services,
etc.,
4.Issue Title: Insecure Password Policy
Severity: Severe
Description: No password rules enable.
Vendor/TGCS recommendations: Enable “Enhanced
Security” with appropriate password rules
4690 OS Penetration Test Results
![Page 23: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/23.jpg)
5.Issue Title: Account Enumeration
Severity: Medium
Description: There are unique error messages for
invalid ID and PW
Vendor/TGCS recommendations:
•SSH does provide single error message for invalid ID or
PW
•Control access to physical console:
•Enable “Console ID lockout” to limit attempts
4690 OS Penetration Test Results
![Page 24: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/24.jpg)
6.Issue Title: Predictable User Names
Severity: Medium
Description: IDs are too simple and easy to guess
Vendor/TGCS recommendations: Implement a user
procedure to create non-trivial IDs
4690 OS Penetration Test Results
![Page 25: Security and POS Best Practices Peter Harris …tgcs04.toshibacommerce.com/cs/groups/internet/documents/docum… · ‒Remote access: use Secure Shell (SSH) or Netop ‒Console ID](https://reader033.vdocuments.mx/reader033/viewer/2022042317/5f05e9cf7e708231d41558f9/html5/thumbnails/25.jpg)
Case Study Conclusion
The findings were addressed in V6R4 or earlier
It is important to keep current with 4690 OS releases as
security continues to evolve.
Please share with us feedback from security studies you
have initiated.
Toshiba is prepared and ready to help you impalement 4690 Security
Best Practices.