Patch Management for PCI-DSS Compliance

Summer is here! Unlike the school year, PCI-DSS Compliance is an ongoing regulatory concern that does not get put on pause during the summer months. As you prepare for summer auditors, make sure you keep PCI-DSS Compliance top of mind!

pci5What Is PCI-DSS Compliance?

PCI (Payment Card Industry) – DSS (Data Security Standard) Compliance is all about enhancing payment card security and ensuring the safe handling of cardholder information. The framework for PCI-DSS involves prevention, detection and appropriate reaction to any security related incidents involving payment cards. In short, PCI-DSS Compliance is a set of standards used to keep payment card data protected from exploits.

How Does This Relate to My ATMs?

PCI-DSS recommends that ATMs undergo regular operating system updates in order to ensure optimum security when it comes to payment card data and ATM usage.  When an operating system vendor finds a security risk within their system, a security update is released. The manufacturers and software houses then evaluate the relevance and severity of the security update to their products and software applications, and create a software patch that can be incorporated into their systems.

Think of It This Way…

When Microsoft discovers a security risk within their Windows 7 operating system, they inform vendors like Hyosung, NCR, and Diebold of the update. The manufacturers evaluate the risk and determine if a software patch needs to be created. The software patch is then issued and released to customers who have registered for software maintenance services. It is now the responsibility of the equipment owner to get those updates on their ATMs.

NuSource Can Help!

Keeping ATMs PCI-DSS Compliant is a task many Financial Institutions have a difficult time staying on top of. NuSource offers a Remote ATM Patch Management Service, known as NuView, that can help. NuView is a remote ATM management tool that allows software patches to be delivered remotely to your fleet. Remote Patch Management protects our customers from supplementary costs associated with PCI-DSS Compliance, allowing you to put your focus back on gaining market share and a competitive advantage.

Benefits of NuView Include:

  1. Greater ATM Availability: All patches are downloaded remotely during non-peak hours, while the ATM remains available for use. Once the download is complete, the ATM is reset and brought back live. Only during this brief time is the ATM out of service. Downloading patches remotely provides an annual savings of nearly 15 hours of ATM availability. Since the Manual Patch Management process is completed by a technician during business hours, the ATM must be taken out of service for about 4 hours per update. The Remote Patch Management Process does not require an on-site visit, and takes a fraction of the time, providing greater accuracy and effectiveness.
  2. Improved ATM Visibility: Each NuView customer gains access to the NuView Dashboard, a centralized web interface that enables users to view features of their ATMs and surveillance systems anytime, anywhere, on ANY device.  The NuView Dashboard shows specific details about equipment, serial numbers, software levels, and configurations. With various NuView add-ons, including Remote Diagnostics, EJ Archiving, Anti-Skimming & Malware Security Protection, and Marketing Screen Updates, your ATMs can be monitored, managed, and maintained at the highest level, ensuring optimal efficiency.
  3. Superior Audit Reporting: Each NuView customer will receive an electronic Patch Update Report, on a quarterly basis, highlighting the specifics of every Windows Security Patch that has been installed. These reports can then be shared with auditors when needed.

To learn more about PCI-DSS Compliance, and to sign up for NuView, contact your NuSource Representative!

Skip to toolbar