DeviceLockR
STOP DATA FROM SLIPPING THROUGH
YOUR FINGERS
  

Español
    Products     Purchase     Downloads     Partners     Support     Company     Contact Us     Site Map  
Case Study
City of London Police Selects DeviceLock® To Secure USB Ports

Information security has always been a top priority for the City of London Police but has become even more so since its involvement in the Home Office IMPACT program which is designed to improve the sharing of information between police forces. As this necessitates the transfer of highly sensitive data, the police force has taken industry leading steps to ensure information leakage is avoided at all costs, its electronic borders are protected and the integrity of its information secured. As well as a comprehensive IT security policy endpoint device security solution DeviceLock® from SmartLine Inc has been implemented to safeguard against the unauthorised electronic copying and transmission of data on to mobile devices and to ensure all potential points for electronic data leakage have been identified and secured.

Learn more>>

contactssite map
 

Network World: "The theft threat"

10/27/2004

The theft threat

By Barton Mckinley
Source: Network World

Sue is an industrial spy who has arranged to attend a meeting at the company she is targeting. She slips away from the meeting to check out the marketing department. It's lunchtime, and the place is almost empty. Sue quickly spots a PC that's still logged on to the network. She steps into the cubicle where she is hidden from view, plugs her 512M-byte USB memory stick into the workstation and copies several folders and a client database from the local and network drives. She unplugs and pockets the memory stick and nonchalantly leaves. The whole process takes less than 5 minutes, and nobody knows that she has stolen more than 200M bytes of corporate data.

This all too possible scenario illustrates a growing security concern. The fear is that people will use USB memory sticks, MP3 players and the like to upload malware, steal data from corporate networks, and share stolen software, MP3 or AVI files. In its report, "How to Tackle the Threat from Portable Storage Devices," Gartner suggested that organizations forbid attachment of privately owned portable storage devices to corporate PCs. The report also recommended that desktop PCs be carefully configured to remove or disable drivers needed to use such unauthorized devices.

Ultimately, any portable storage device policy will need to be backed up with compliance or monitoring tools. This likely will require third-party software because standard operating system tools such as Windows 2000 Group Policy do not enable monitoring or blocking of individual ports.

One product that might fit the bill is SmartLine's DeviceLock, which lets network administrators control user access to I/O ports and storage devices on local workstations. With DeviceLock, individual users are assigned privileges depending on who they are, what device is involved, and the date and time. For example, a network administrator could let one consultant use his USB memory stick but block all other consultants from doing so. The consultant also could be blocked from attaching his MP3 player.

In the end, policy and enforcement are more likely to be effective than a ban of portable storage devices. After all, a ban isn't going to block someone like Sue, anyway.

Full story at nwfusion.com

Related articles:
Understand the risks of USB storage devices
USB and FireWire devices pose security threat
Corporate security: risks of the insiders attack

News archive