Secure your devices
KNOW MORE ABOUT Device Control
Today, information technology administrators are facing unique challenges regarding the protection of data specifically at the endpoints. It is about increasing regulations, increasing fines and penalties in the event of a data breach, and also reduced IT budgets.
As USB devices have evolved into useful storage media, and in the same time became security nightmare for organizations. The usage of USB devices are encouraged and embraced today to aid in the reduction of operating costs. Take control of the removable media threat, control the flow of inbound and outbound data from your endpoints and enable managed use of these productivity tools by enforcing removable device usage policies.
After more of 10 years of development, USB storage devices come in just about every conceivable shape and size, from 1 gigabyte (GB) drives fashioned as a small toy to standard external drives with capacities up to 6 terabytes (TB)and more. Once a mere novelty peripheral, these devices are now as common as the mouse and keyboard. Analysts say by 2011 the market will have shipped 3.2 billion USB enabled devices. Unfortunately, even as USB devices have evolved into useful storage media, they’ve also turned into a security danger for organizations. The development of USB technology has always been about ease of use, connectivity, low cost and performance – with little if any thought to security. But not only corporate users enjoy the benefits of today’s USB devices, cyber-criminals and data thieves are increasingly using removable media to introduce malware and steal information from computers.
The Dangers of USB Drives
An extremely useful feature of USB drives is their ability to act as a “PC on a stick” through the use of certain platform and virtualization utilities such as BartPE/PeToUSB, UBCD4, UNetBootin and MojoPac.
The widespread use of USB devices within an organization can open it up to data loss on two major fronts: data stolen by copying onto a device, and data stolen by copying from a device.
AutoRun.inf modification method
Modifies or creates an AutoRun.inf file on all available drives, shares and removable media. When an infected USB drive is later inserted into another computer, the malicious software automatically executes with no user intervention.
Simple file copy method
Relies on social engineering to entice the user to click on an application icon to launch the application which then copies itself to all available drives.
It also makes it possible for malicious users to replicate their entire Windows hacking lab with a USB device and run it on virtually any PC with an available USB port. When the malicious user is done, just simply removes the USB device and leaves without a trace.
Does It Only Include USB Drives?
Risks are not simply limited to the USB standard, but extends to all forms of removable media in use today including CD, DVD and Blu-ray drives as well as FireWire and eSATA connected devices.
Many of today’s popular CD-based network penetration testing tools that are used by individuals with good intent can unfortunately also be used by an unauthorized malicious person with bad intent. Examples can include installing Trojans or key loggers, placing undetectable malware deep within the network and creating network backdoors to allow unauthorized persons a direct path through network defenses to the compromised PC. Simply put, you are putting yourself at great risk when you do not control specifically who can run what applications from your removable media drives. It is hard to imagine any good could come from allowing uncontrolled use of a CD/DVD drive.
What to do?
In order to win the war against mobile malware and information theft, organizations must develop clear, in depth policies regarding the use of removable devices and media within the organization and must also deploy proactive solutions, such as Device Control solutions.
Using a Device Control solution it is possible to specify which devices can and cannot be used, specifying which devices can and cannot be used by any Windows device parameter, including product ID, vendor ID, serial numbers, device class, device name, and more Also the solution make possible to control not only the device but also data policies by user, group or department.
It is easy to have full visibility and control when a Device Control solution is in place and have support for auditing and compliance needs with detailed user- and device-level logging. Also it is possible to gather incident details such as device, time stamp, evidence, and more for prompt and proper response, investigation, and audit
A company that implements a Device Control product mitigates the risks associated with removable digital storage devices and mobile connection technologies. This type of technology provides built-in security that detects, authorizes, and makes possible to enforce centrally defined device usage policies.
What is Device Control
Device Control is the technology that provides built-in security that detects, authorizes, and secures removable storage devices and media.
Companies and organizations open or block access to devices such as data storage media, including removable devices, CD/DVDs, data transfer devices such as modems or external network adapters, printers, multi-function peripherals, and connection buses such as USBs and FireWire
Removable digital storage devices (such as USB flash drives and CD/DVD drives) and mobile connection technologies (such as Wi-Fi, FireWire, and Bluetooth) are convenient and enhance productivity, but present new security risks to the enterprise. The data on these removable endpoint devices and media may contain intellectual property or sensitive customer information and company policy and employee education can be insufficient to safeguard the data from insider threats and accidental data leakage. The exposure of sensitive data that results from the loss or theft of a removable storage device or medium can result in financial expenses, legal ramifications, and brand damage.
A Device Control product will give to the enterprise:
- Easy, automatic operation – Permits safe and authorized removable storage use, without changing the user experience or reducing productivity.
- Enforced security policies- Enforces policies for device usage via USB, FireWire, Wi-Fi, and Bluetooth connections; can also log usage and demonstrate compliance to auditors.
- Accelerated deployment- Reduces setup time and speeds enterprise protection without requiring user intervention and by leveraging existing enterprise directory infrastructure.
- Reduced operation costs – Result from fast deployment, ease of use, centralized management, and automated enforcement of security policies.
It provides organizations with the ability to see, manage, modify, enforce, and report on access and usage of portable devices on all endpoints throughout an organization—distributed, centralized, on-network, off-network. Whether a user connects an iPod, a USB key, or another device the Device Control product enables comprehensive management of those devices