National Bank Secures ATM Data Collection via Email at Central Repository Database

National Bank Secures ATM Data Collection via Email at Central Repository Database

Company Overview

A national bank with ATMs located across many disparate locations.

Case Summary:

Industry: Banking

Challenge: Isolate and secure central data repository while preserving the collection of trusted files from ATMs in the field via email.

Solution: OPDS-100 data diodes deployed in conjunction with existing firewall solution.

Benefits: Deterministic, one-way data flow secured OT network from outside influence or attack and enabled PI System replication to corporate end users.

Cybersecurity Challenge

Transaction and security data from many disparate ATMs is sent back, via email, to the bank’s central repository database for use and analysis. However, after a security review, the bank determined that software firewalls were no longer sufficient to protect its central repository database from external cyber threats. The bank required increased network cybersecurity but also the ability to continue collecting data from its ATMs into the central repository.

Requirements:

  • A secure network perimeter device which would permit only whitelisted and trusted emails and files to flow into the data repository
  • Remove outside connections from the repository, so that no data can be externally accessed or extracted

Use Case | Before


Solution

OPDS-100 was selected to eliminate remote data repository access and enable deterministic, one-way data transfer of ATM security and transaction data into the database via email. Working in conjunction with the pre-existing firewall, the data diodes allow only whitelisted and trusted files into the data repository.

Use Case | After

Deployment

Solutions:

Owl Perimeter Defense Solution – 100 (OPDS-100)
Self-contained 1U data diode, purpose-built for network segmentation and deterministic, one-way data transfer.

Results

  1. Secure, hardware-enforced boundary created between the ATM network and the central data repository
  2. Data diodes eliminated all outbound connections from data repository while providing inbound flow of trusted ATM data via email
  3. Data cannot be exfiltrated from data repository through any outside network connection
  4. Business continuity maintained through highly-controlled, one-way data flow into data repository
DOWNLOAD RESOURCE ↓