Security Corner

Jan 6 2010   1:37AM GMT

ABA Recommends Using Dedicated PC for Online Banking

Ken Harthun

This is an idea that has been floating around for a while. I recommended "Convert a USB Thumb Drive into a ROBAM" (ROBAM means read-only bootable alternative media). Now, the ABA is recommending that businesses use a dedicated PC for online banking. This is from SANS News Bites Vol. 12 No. 1:

The American Bankers' Association (ABA) issued guidance to small and mid-sized businesses regarding how to protect themselves from the growing problem of unauthorized Automated Clearing House (ACH) transactions. Of special note is the recommendation that businesses use a dedicated PC that is never used for email or web browsing to conduct online banking transactions.

My take on this would be to set up a PC with Microsoft's SteadyState, disable any Internet access except to the bank's online application, and uninstall Outlook Express. I would make a completely locked down and hardened installation of Windows with all services disabled except for essentials. Assign a static IP address to the machine. I would use a software firewall and disable all ports except 80 and 443. Of course, anti-malware software would be essential.

Make the machine so difficult to p0wn that the bad guys give up. It can be done.
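The firewall part of that lockdown, sketched as an added example (not code from the original post) for the built-in Windows firewall. It assumes a Windows version that ships the NetSecurity cmdlets, a static IPv4 address, and a bank that publishes stable server addresses; the IP addresses and the `BankingPC` group name are placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example: outbound allow-list for a dedicated online-banking PC.
# Assumes the NetSecurity module and a static IPv4 configuration.
# All addresses are placeholders from the RFC 5737 documentation ranges.

$BankAddresses = @('203.0.113.10', '203.0.113.11')  # placeholder: the bank's published IPs
$DnsServers    = @('192.0.2.53')                     # placeholder: the resolver this PC uses
$Group         = 'BankingPC'                         # hypothetical rule group name

# Remove rules left by an earlier run so the script can be re-applied.
Get-NetFirewallRule -Group $Group -ErrorAction SilentlyContinue | Remove-NetFirewallRule

# Default-deny in both directions on every profile, and log dropped packets.
Set-NetFirewallProfile -Profile Domain, Private, Public -Enabled True `
    -DefaultInboundAction Block -DefaultOutboundAction Block -LogBlocked True

# Built-in allow rules would still punch holes through the default-deny,
# so disable every enabled allow rule. The DHCP rules go too, which is
# why the machine needs its static address.
Get-NetFirewallRule -Action Allow -Enabled True | Disable-NetFirewallRule

# Weak form of "only 80 and 443": every remote host stays reachable on the
# web ports, so the PC can still browse anywhere. Shown for contrast only.
# New-NetFirewallRule -DisplayName 'Web out' -Direction Outbound -Action Allow `
#     -Protocol TCP -RemotePort 80, 443

# Tighter form: web ports only, and only to the bank's addresses.
New-NetFirewallRule -DisplayName 'BankingPC: HTTP/HTTPS to bank' -Group $Group `
    -Direction Outbound -Action Allow -Protocol TCP `
    -RemotePort 80, 443 -RemoteAddress $BankAddresses | Out-Null

# Name resolution, limited to the configured resolver.
New-NetFirewallRule -DisplayName 'BankingPC: DNS to resolver' -Group $Group `
    -Direction Outbound -Action Allow -Protocol UDP `
    -RemotePort 53 -RemoteAddress $DnsServers | Out-Null

# Check the result: only the two BankingPC rules should be listed.
Get-NetFirewallRule -Direction Outbound -Action Allow -Enabled True |
    Select-Object DisplayName, Group
```

With this in place, Windows and anti-malware updates are blocked as well, so they need their own narrowly scoped rules or an offline update routine.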
