Best
Practices
Latest software (install security patches)
Limit/avoid shared passwords
Define
network zonesUse multi-factor authentication
Define, set & adhere to permissions/access
Use the functions provided
Find
the right partners
BE VIGILANT! A 4690 OS customer hired a white hat hacking company to perform a penetration test of their live system. They agreed to allow us to present the results, given that no identifying information be included.
4690 OS Security Case Study 1.Issue Title Insecure Protocols
Severity: Severe
Description: telnet ftp enabled
Vendor/TGCS recommendations Enable SSH
2.Issue Title Sensitive Information in Memory Dumps
Severity: High
Description: Card data in memory dumps
Vendor/TGCS recommendations Enable Data Security (V6R4)
4690 OS Penetration Test Results 3.Issue Title Insufficient Server Hardening
Share with your friends: