THE SEARCH FOR COST EFFECTIVE MARKETING
I’ve written articles previously about the benefits of device security, particularly as smartphone-type technology becomes far more ensconced in our professional and personal lives.
As the hundreds of thousands of UK citizens who have their credit and debit cards cloned every year will be more than aware, once a new technology becomes widely adopted into our everyday lives, the less scrupulous members of society will find a way to attack even the slightest loophole for their own gain.
Previous reviews have looked at how to prevent attacks on individual handheld devices, but it is important to remember that devices and their inbuilt technology change on a regular basis, which means that software preventing malicious attacks also requires constant updating. This being the case, we must not overlook the point at which data leaves the device and how it is received into our desk-based world.
Pretty much every home PC will now come with some form of antivirus software pre-installed as standard, albeit often only as a trial for a limited period. Ditto, in the professional world, you would be extremely shocked to find any business, no matter how small, without some form of protection against malicious attacks in place on individual PCs or controlling attacks at network level.
However, firewalls and antivirus software are no defence against acts of data theft and corruption from within an organisation on local machines or ‘endpoints’. Think it through in your own workplace; you probably wouldn’t be allowed to install new software without administrator privileges, but there is rarely anything in place that stops you connecting a digital camera to download those ‘critical’ images from the weekend to share with friends on Facebook!
This is equally applicable to iPods, USB data sticks or, indeed, a mobile device. There will be people of a more technical ilk reading this who will be aware that, as a system or network administrator, you simply can’t manage such device-level activity via a Group Policy.
Data leak protection
Using an endpoint data leak prevention (DLP) solution called DeviceLock, network administrators can lock out unauthorised users from USB and FireWire devices, WiFi and Bluetooth adapters, CD-ROM and floppy drives, serial and parallel ports, PDAs and smartphones and many other plug and play devices. Once the software is installed, administrators can control access to any device, even depending on the time of day and day of the week.
For enterprises with standardised software and hardware-based encryption solutions, such as PGP Whole Disk Encryption and TrueCrypt, DeviceLock allows administrators to centrally define and remotely control the encryption policies their employees must follow when using any removable devices for storing and retrieving corporate data.
It may be that, for example, certain employees or their groups can be allowed to write to and read from only specifically encrypted USB flash drives, while other users of the corporate network can be permitted to ‘read only’ from non-encrypted mobile devices, but not write to them.
The USB white list allows you to authorise only specific devices that will not be locked regardless of any other settings. The intention is to allow special devices such as smart card readers, but lock all other devices. This can mean that access can be authorised for specific smartphones, uniquely identified by data signature, even when DeviceLock has otherwise blocked smartphones. As an extension to this, the Media White Listing can also specify authorised users and groups, so that only these users are able to access the contents of the smartphone.
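The access decisions described above (white list first, then group rules that depend on encryption, operation and time) can be sketched as a small default-deny policy check. This is an added illustration, not DeviceLock's code or configuration format; the group names, device IDs, rule fields and the order of evaluation are assumptions made for the example.

```python
from dataclasses import dataclass
from datetime import datetime

@dataclass(frozen=True)
class Device:
    kind: str                # e.g. "usb_storage", "smartphone"
    device_id: str           # constructed ID standing in for the unique signature
    encrypted: bool = False

@dataclass(frozen=True)
class Rule:
    group: str               # user group the rule applies to
    kind: str                # device class the rule applies to
    encrypted_only: bool     # True: rule matches encrypted media only
    ops: frozenset           # permitted operations: "read" and/or "write"
    days: frozenset          # permitted weekdays, 0 = Monday
    hours: range             # permitted hours of the day

# Constructed sample policy. White list maps device ID -> authorised users;
# an empty set means the device is open to every user.
WHITELIST = {"PHONE-0001": {"alice"}, "CARDREADER-0001": set()}
RULES = [
    Rule("finance", "usb_storage", True, frozenset({"read", "write"}),
         frozenset(range(5)), range(8, 18)),          # Mon-Fri, 08:00-17:59
    Rule("staff", "usb_storage", False, frozenset({"read"}),
         frozenset(range(7)), range(24)),             # read-only, any time
]

def decide(user, groups, device, op, when):
    """Return True if `user` may perform `op` on `device` at time `when`."""
    # 1. White-listed devices are not locked regardless of other settings,
    #    optionally restricted to named users.
    users = WHITELIST.get(device.device_id)
    if users is not None and (not users or user in users):
        return True
    # 2. Otherwise default deny: some rule must explicitly permit the access.
    for r in RULES:
        if r.group not in groups or r.kind != device.kind:
            continue
        if r.encrypted_only and not device.encrypted:
            continue
        if op in r.ops and when.weekday() in r.days and when.hour in r.hours:
            return True
    return False

if __name__ == "__main__":
    monday = datetime(2024, 1, 8, 10, 0)
    plain = Device("usb_storage", "STICK-0002")
    print(decide("carol", {"staff"}, plain, "read", monday),
          decide("carol", {"staff"}, plain, "write", monday))
```

Because nothing is permitted unless the white list or a rule says so, an unlisted smartphone or a write to an unencrypted stick is refused without needing a dedicated deny rule.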
At a corporate level, IT administrators and managers have a further level of reassurance available via DeviceLock’s optional data shadowing capability, which significantly enhances control. This will notify an administrator that sensitive information has not left the premises on removable media. It captures full copies of files that are copied to authorised removable devices and smartphones, burned to CD and DVD, or even printed by authorised end users. Shadow copies are stored on a centralised component of an existing server.
As we all know, security of customer data is paramount in this industry as churn is a major issue for nearly every business, particularly when considering the movement of staff from one business to another, often because of the customer base that they control within their current employed role.
DeviceLock Enterprise Server can monitor remote computers in real time, checking service status and policy consistency and integrity, with the results stored as detailed information in a monitoring log. Furthermore, it is possible to define a master policy that can be automatically applied across selected remote computers in the event that their current policies are suspected to be out of date or damaged.
An administrator can generate a report concerning the permissions that have been set while constantly overseeing which users are assigned to which device, and what devices are on the ‘USB white list’ (explained above) on all the computers across a network.
Protection with control
This solution provides a level of precision control over device resources unavailable via Windows Group Policy and it does so with an interface that is seamlessly integrated into standard controls. With this being the case, it is far easier to implement and manage across workstations within a business.
As ever with apps reviewed in these pages, there will be many readers who have already switched off with a ‘that’s not for me’ attitude because it would appear to be only targeted at large or corporate businesses. However, I would encourage you to seriously consider reviewing a solution like this as it is often only in hindsight that we wish we had paid a little more attention to the detail.