Reduce risk of identity theft, data loss and espionage
Prevent the spread of spyware, malware and viruses
Comply with legal obligations and best practices
Reduce legal risks
Maintain full business productivity
Handle exceptions quickly and easily
The Problem: Unauthorized Access
Identity theft, data
loss, malware propagation and computer
misuse are real risks facing every corporate
network. That’s why organizations have spent
millions protecting their email and internet
gateways. But with USB memory sticks, media
players, PDAs and other portable storage
devices, now a common sight in offices,
perimeter security solutions can’t manage
the threat of internal security breaches at network endpoints.
The focus on external threats often means leaving the security ‘back door’ open to malicious or accidental security breaches from within the enterprise – research from the Gartner Group states 4 out of every 5 IT-related crimes (that’s 80%) are committed from within an organization.
While removable media devices are becoming increasingly smaller in size with larger storage capacities, in the wrong hands they can prove damaging to an organization. A USB memory stick for example can hold up to 2GB of data, portable hard drives can store in excess of 100GB – ideal devices for the potential theft of data or introduction of viruses to the network.
The Solution: Taking Control
organizations to secure the network against
the risks presented by portable storage
devices by preventing the unauthorized
connection of unwanted devices to
company-owned PCs. DeviceWall makes it easy
to create and enforce a security policy that
determines which employees in the company
should be able to access different classes
of device. Any device type not explicitly
permitted is automatically blocked.
DeviceWall allows firms to close the security ‘back door’ by actively managing the access rights to removable storage devices and stopping the unauthorized use of all common portable storage and wireless devices, such as:
- USB & Firewire mass storage devices
- PDAs, Blackberry devices and Smartphones
- MP3 players: iPods, media players
- CD, DVD and floppy diskette drives
DeviceWall allows the
legitimate use of these devices by
authorized staff – ensuring that business
productivity is not affected – while
actively guarding against the removal of
data or the introduction of inappropriate or
malicious content to the network.
By blocking only the devices that are considered a risk to the organization, DeviceWall offers a more intelligent alternative to total PC lockdown. Focusing on the different types of devices, rather than solely on the means of connection, means that DeviceWall can safely lock out all USB memory sticks without fear of blocking
USB-connected keyboards and mice. Similarly you can allow trusted users to read information from CDs, but not to write files from the network or PC to a CD-R. DeviceWall also logs files moving on and off portable devices.
For laptops, DeviceWall can lock down wireless (Wi-Fi, Bluetooth and IRDA) ports, preventing the unauthorized connection of company assets to unknown devices and networks. DeviceWall also protects your mobile assets regardless of whether they are connected to the corporate network or not.
Educate, Enforce and Except
users a unique capability to operate in
‘silent’ or ‘high visibility’ modes.
DeviceWall can be configured to run in the
background with no user alerts, or in high
visibility mode where the user is actively
advised of security restrictions both at
login and if an attempt is made to connect
an unauthorized device.
No single policy can cover every real-life eventuality. As such, DeviceWall has a unique one-time policy exception facility that is fully controlled by the IT Admin function – even when the user has no way of connecting back to the Control Center. This is just one of the ways in which DeviceWall ensures it does not have a negative impact on business productivity.
DeviceWall provides an effective solution to the risks associated with removable media devices:
- Scenario 1 – “DeviceWall stopped me copying confidential files”
Contractor Jonathan doesn’t mind how he makes his money, either from the companies he works for or the people who would pay for the information he has access to. But his attempts to copy customer account information from an unmanned PC were thwarted by DeviceWall, which blocked access to his PDA.
- Scenario 2 - “I nearly introduced a virus onto my PC by accident”
Catherine borrowed a USB stick from a friend which she believed had holiday photos on. What she didn’t know was that the device was also carrying a virus which could have caused havoc on the network. DeviceWall blocked access to the USB drive, preventing costly damage to files.
- Scenario 3 - “I was offsite and needed urgent access to my CD drive”
At a meeting with an important client, Joe needed to copy files to a CD. While Joe did not normally have privileges to write CDs, his manager agreed that this was a special case and an administrator was able to allow Joe temporary access to write the CD, keeping the client happy.
You can’t calculate the ROI on security if you don’t measure the risks facing the network before and after implementation. DeviceWall’s historic reporting makes it easy to see the changing threat to network security over time, highlighting the number of blocked connections, or helping you spot the increased use of different device types.
Policy Audit Trail
In addition to reporting on
device connections, DeviceWall
also helps you maintain
regulatory compliance by
automatically creating a full
audit trail of all policy
changes, deployments and
temporary permissions for online
or offline users.
This audit trail provides important forensic evidence which can be reviewed at any time, or exported to a 3rd party reporting application.
Click for the DeviceWall 30-day Free Trial!
View the DeviceWall Flash Demo!
In addition to managing the presence of USB sticks, MP3 players, mobile phones and other devices on the corporate network, DeviceWall CAE provides an extra layer of security by giving administrators an accurate view of exactly what data is being copied to and from authorized devices.
DeviceWall CAE’s content filtering abilities allow it to determine the true nature of any data file, even if the file extension or properties have been altered in attempt to bypass security measures.
This is critical both to preventing sensitive information leaving the network, but also in protecting systems against the accidental or deliberate introduction of malicious code.
Contact SMA today to
more about DeviceWall.