Time for an Ever-watchful Guardian…


TimeforanEverWatchfulGuardian_HP NonStop | RBuckleThis past week I joined the HP NonStop systems community for their annual technical boot camp held in San Jose. In what is clearly trending upwards, this event started out quietly enough but quickly outgrew its initial event space and with an even stronger showing this year, has clearly outgrown its second venue. Pre-conference sessions, included as informal educational opportunities, were also well-attended. I had the opportunity of opening the session hosted by WebAction. Setting the stage for a look at the impact Big Data has on mission-critical applications typical of NonStop systems deployments, as my presentation set out to address, I was very pleased to see the venue almost packed even though it was very early Sunday morning.

In an upcoming post to the ATMIA industry blog at ATMmarketplace.com, I write of the necessity of being prepared, even as I touch briefly on an almost taboo topic for NonStop – no, no mission-critical application running on NonStop has ever been compromised by an outside agency. On the other hand, while no information on the NonStop has been compromised, I also wrote, that’s not to say there’s any lessening in the need for including fraud detection software as part of every payments solution implemented on a NonStop system. But even here, the landscape is getting more complex as companies increasingly network with each other to the point where analytics performed against network traffic has to take place in real time. Each and every system, NonStop included, needs to have an external agent as a guardian, ever watchful for the first signs of trouble.

In a post by ATMmarketplace editor, Suzanne Cluckey, she writes about the presentation, Casing out financial cyber crime: A federal agent’s point of view. While the post was about one of the last presentations given at the BAI Retail Delivery, it was “FBI Special Agent Patrick Geahan shar(ing) intelligence on the evolving cybersecurity landscape and emerging threats, and preemptive measures organizations can take to stop cyberthieves” that attracted a crowd. “What that means for you folks is that your weakest security link isn’t necessarily in your building or in your infrastructure. It might be someone that’s connected to you,” Geahan said. Added Cluckey “the best example of this is the recent Target hack, which occurred not within that company’s system, but within that of a heating contractor that had a VPN connection to the Target network.”

What came out of the HP NonStop Boot Camp’s pre-conference session in which I participated was that it was through products like WebAction that steps could be taken to step back from individual systems and, much like the military provides these days via their own hi-tech radar representations, take a God’s Eye view of all that is transpiring on your system, on adjacent systems, on network components – even inside a shop with just a single POS device – no matter, patterns could be quickly identified and potential fraudulent attacks detected even as they first appear. Someone connected to you could become the source of unwanted attention being given to your system. NonStop systems may have never been broken into but that still doesn’t rule out the arrival of a fraudulent transactions and this is possibly the immediate opportunity for many Financial Institutions to find value in having WebAction standing guard!