|
December 14, 2009 - December 18, 2009
* WhiteHat Security & Fortify Software Form Partnership Fortify Software announced its first security services offering which is a software-as-a-service solution that includes an option for dynamic application security testing with WhiteHat Security. Fortify's new Fortify On Demand service is basically a streamlined version of its static analysis scanning tool that checks applications for vulnerabilities. As part of the new service, Fortify is also offering the option for dynamic scanning and application penetration testing through WhiteHat. Desktop sales have been declining for years, and the biggest trend in desktops is smaller form factors. Case in point: Dell’s OptiPlex 780 USFF (ultra small form factor), which starts at $629, is designed to take on similar offerings from HP and Lenovo. Dell also unveiled the OptiPlex 380. The OptiPlex 780 USFF weighs in at just 7 pounds is 9.4 inches high, 2.6 inches wide with a 9.3 inch diameter.
IBM is rolling out its Tivoli Live Monitoring service that will monitor the health of data resources, operating systems, virtualized services and all software. Big Blue can also automate analysis and corrective measures so a system can heal itself under certain conditions. Features include:
Hypercom is targeting financial institutions with their Optimum T4200 payment terminals. The Mini-ATMs, which can be installed in branches or at participating retail locations, enable consumers to complete more than 100 types of transactions, including paying bills ranging from utility, insurance and credit card bills, and purchasing goods and services, such as airline tickets and mobile phone pre-paid vouchers.
Credit Union tech-talk readers receive one month of free service and free setup! Sign up today: http://branchmap.com/cunews.html
Biometric Digest Highlights - WWW.BIODIGEST.COM Looking ahead to 2010, Unisys predicts that government and commercial organizations will take a more proactive approach to security, implementing new measures to verify identity and protect confidential information. Financial institutions and defense agencies will lead the charge, with ports and other organizations quickly following. Unisys believes that the coming year will see a tipping point in use of biometric identification tools such as iris, facial or fingerprint scans, and that mobile biometric devices will allow governments to take more biometric-based critical services directly to their citizens, rather than requiring their citizens to come to the technology.
Security researchers from SMobile Systems have released a paper detailing successful man-in-the-middle attacks against several smartphones. The SSL-enabled log in sessions on the tested, Nokia N95, HTC Tilt, Android G1 and iPhone 3GS, devices were sniffed using the publicly available SSLstrip tool, with the attack taking place over an insecure Wi-Fi network. SMobile Systems warns smartphone users to approach convenient and free public Wi-Fi networks with caution, and emphasizes that your mobile service provider’s 3G connection, or the one offered by a trusted Wi-Fi network should always be considered as your first choice - especially for mobile banking access. According to results from NSS Labs, an independent testing organization, intrusion prevention systems (IPSes) products are nearly 50 percent less effective at catching threats if left with their default settings, and some operate at only about half of their promised throughput. NSS Labs tested the IPSes with their default settings and then allowed the manufacturers to configure their devices. They found that you can get up to 44% better protection by tuning it, and on average, you get 18% better protection. NSS discovered that attacks that employ evasion and obfuscation often fool IPSes, and only two vendors' IPS products were able to detect all attacks that tried to mask their true intentions. As for performance, NSS Labs found that vendors overstate their throughput anywhere from 12 to 50 percent. In reality, that means that a 1-gigabit speed IPS may be passing only 600 megabits of traffic, and the rest may pass through uninspected. NSS Labs tested the Cisco IPS 4260 Sensor, IBM Proventia Network IPS GX4004, IBM Proventia Network IPS GX6116, Juniper Networks IDP-250, Juniper Networks IDP-600c, Juniper Networks IDP-800, McAfee M-1250, McAfee M-8000, Sourcefire 3D 4500, Stonesoft StoneGate IPS-1030, Stonesoft StoneGate IPS-1060, Stonesoft StoneGate IPS-6105, TippingPoint 10 IPS, TippingPoint 660N IPS, and TippingPoint 2500N IPS. Core Systems: Helping CUs Focus on Opportunities
According to First Data, membership in credit card rewards program is declining – from 71% of the consumers surveyed by the transaction processor in 2008, to 67% this year. Meanwhile, debit rewards participation increased significantly, from 34% of consumers surveyed in 2008 to 45% this year. To drive debit card use, some issuers are offering more generous rewards in exchange for an annual fee. Meanwhile other issuers are increasingly partnering with retailers to offer discounts or rewards that are far more generous than their regular rewards. Other programs are extended to allow members to earn a fixed number of points per month based on the number and type of accounts they have with the credit union. Unfortunately, rewards programs are not inexpensive; according to First Data on average, a credit union spends $20 to $25 per member each year for a debit rewards program which includes all costs associated with technology, marketing, support and redemptions. Online Banking/E-Commerce/Website Design Veritec, a developer of mobile banking debit card solutions, announced it is rolling out a Visa branded multi-purpose card. It will have Veritec's proprietary VSCode on the back of the card. VSCode is a secure data storage container that holds several thousand bytes of data. The company says that having the VSCode on the back of the prepaid card will enable issuers to use it as a multi-purpose financial and secure ID card. Cisco is making a big push for the SMB market by offering a new line of Linux-based routers, promising easier configuration and administration. Cisco will be phasing out the Linksys brand in favor of products branded as Cisco Small Business and Cisco Small Business Pro. Analysts say that the new SMB offering by Cisco aims for the middle ground in terms of easy configuration and stronger security. IVR systems provider, Angel.com has released a “cheat sheet” for organizations looking to improve their IVRs. The company says that first and foremost, you should always consider your IVR system a ‘work in progress’ that should be continuously monitored to provide the best service. To start, Angel.com suggests letting callers know what to expect from the system immediately by presenting a pleasant greeting and explain what the system can, and will, do for the caller. They recommend never hiding the option for a caller to speak with a live agent. Other recommendations include:
Inbound Telecom Disaster Recovery
Nothing is more important than serving your members. Telecom Recovery, which protects the communications for dozens of credit unions across the US, has a very powerful - and low cost - technology that protects your inbound calls during any kind of outage including:
Catch Tom and Bill Rogers, Associate Editor of Credit Union tech-talk at the following conferences in 2009: February 21-25, Washington - CUNA Governmental Affairs Conference May 19-21, Las Vegas - Credit Union InfoSecurity Conference |
