Secure Software for Finance
Better Safe Than Sorry
The Importance of Software in Security. By Stephanie Kropkowski, Marketing Analyst for KioWare Kiosk Software.
The physical security of a kiosk is usually a concern of the kiosk hardware provider. Kiosk vendors address security by securing the kiosk in a locked durable enclosure, utilising a trackball instead of a mouse and replacing the regular keyboard with a kiosk keyboard with the specialty keys (those that normally allow access to the complete system) removed. Even with all these kiosk hardware security measures, the kiosk is still at risk from security threats at the kiosk system level.
Without a safeguard at the kiosk system level, users can easily access your entire system and change any settings they wish. Kiosk system software, such as KioWare, prevents security threats by locking down the system OS and desktop. The software wraps around existing applications so that users can access only your application and nothing else. This prevents the user from accessing any Internet Explorer menus and the Windows Desktop by removing all menu and window functions from Internet Explorer. All that is displayed to the user is the content window.
Additionally, in banking applications that utilise a printer, it is important that unclaimed printed material be retracted back into the kiosk, as the information is likely to be highly sensitive. If you use a printer that supports programmatic retraction, then KioWare will immediately retract the paper as soon as the user leaves the kiosk, rather than wait for the timer to timeout.
Finally, if the kiosk is connected to the Internet, it is important to prevent the user from accessing URLs not applicable to the function of the kiosk. Hiding the address bar and incorporating domain and page checking into the kiosk system software can accomplish this. KioWare does this by blocking or allowing domain navigation from an unlimited list of domains. And for any given domain, KioWare can also allow or deny access to an unlimited number of individual pages. Also, when Internet Explorer does not recognise a file, it would normally present a dialog box to the user asking whether to download and either open or save the file. KioWare can prevent the dialog box from being presented and also prevent the file from being downloaded.
Overall, kiosk system software can provide the security and privacy your application may not be able to provide. As an added bonus, utilising kiosk system software separate from your kiosk application will make updating and changing your application far easier. Your application should always focus on usability, and you should let your kiosk system software worry about security.
Friday, February 2, 2007