![]() Removable storage device endpoint security and control. Thumb drives, removable memory cards and smartphones often carry business data without IT permission, oversight.. By submitting your personal information, you agree that Tech. Target and its partners may contact you regarding relevant content, products and special offers. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy. Unfortunately, these handy little portable storage devices can jeopardize gigabytes of sensitive information. According to a study by Applied Research- West, three of four workers save corporate data on thumb drives, including customer records (2. Yet, fewer than half of businesses routinely encrypt thumb drives. ![]() Fewer still consistently secure data copied onto today's rising tide of consumer smartphones. Some companies underestimate business risk posed by unencrypted portable storage. Others acknowledge the risk but, in lean economic times, lack the budget to battle it. But these excuses could leave employers in hot water if a regulated data breach occurs."If [a portable device] carries customer or payment information, you have to protect it, no matter who owns it," says Mark Jordan, senior product manager at Sybase. If you can't afford to manage and secure it, don't store sensitive data there. It's a cost versus liability decision; even one breach could bankrupt a small company."With laptop full disk encryption (FDE) on the rise, the next step is to plug these smaller data leak points. A holistic strategy for protecting data, no matter where it lives, is optimal. Symantec Endpoint Protection Update Policy Remotely Control ImacBut portable storage is used differently, requiring tweaked policies and tools. The trick is to achieve consistent data protection while mastering the unique challenges posed by thumb drives, removable memory cards and smartphones. Regulatory compliance demands more than encryption. Regulatory compliance tends to drive portable storage protection projects. From Sarbanes- Oxley Act (SOX) and the Federal Information Security Management Act (FISMA) to the California Senate Bill 1. Massachusetts Data Protection Act, companies have plenty of motivation to stay out of breach headlines. In April 2. 00. 9, a single Black. Berry stolen from a hospital put 3,2. In October 2. 00. GB thumb drive stolen from a worker's car exposed more than 1. Unfortunately, data breaches such as these are no longer rare or limited to laptops."If I'm a compliance officer, responsible for keeping data private so that my company can thrive, I have to be thinking about not just my own machines, but data everywhere," says Sean Glynn, vice president of marketing at Credant. My company is still responsible for that data and could face heavy fines if I can't report on its status."But, from giveaway thumb drives to personal i. ![]() Symantec Endpoint Protection Update Policy Remotely Control IphonePhones, many portable storage devices enter the workplace without IT approval."You could try to block those devices, but that horse has left the barn. Because it is executives who bring in the latest gadgets- -executive bling- -any policy that blocks everything [unknown] quickly gets broken. Many of our customers are at the stage of auditing where data is going, trying to decide what to do," says Glynn. Jordan counsels customers to consider all possible data loss vectors for each device. Suppose a lost device is protected with FDE and restrictive passwords. That's great, but what happens when [a thief] removes that device's SD or SIM card? You have to make sure that everything is protected and that you can detect any attempted breach," he says. Rigorous protection may also require more than native encryption. ยท Symantec Norton Security Deluxe offers award-winning antivirus and a tough, self-sufficient firewall, without dragging down system performance. It can. See How Symantec Endpoint Protection uses the Intelligent Threat Cloud Service. See About Windows client installation packages. Generic Exploit Mitigation (Windows). Adventures in Attacking Wind Farm Control Networks. Wind farms are becoming a leading source for renewable energy. The increased reliance on wind energy makes wind. For example, "There's a perception that if you lock your Black. Berry, everything is encrypted" says John Jefferies, vice president of marketing at Iron. Key. "But the Mantech Crowbar can snap the contents of a Black.Berry's SD card quickly, cracking a 4- digit PIN in 3.While standalone media encryption is sufficient for some businesses, it may not satisfy auditors.In addition to centralized policy enforcement and reporting, "Some customers feel that they can't comply with SOX unless they can unlock a device to recover data if an employee leaves," says Jefferies.Remote wipe and kill have also become increasingly important; the Massachusetts law mandates that functionality."Defining acceptable use.Most people who find a thumb drive try to read it and then start using it to transport files. Murder Mystery Party Kits Uk Daily Mail . Smartphone purchasers usually synchronize contacts and email during set- up.It is simply human nature to quickly copy a mixture of personal and business data onto these devices. Personality Plus Florence Littauer Pdf Download . Risk reduction therefore begins with policies that govern acceptable use. Limit business data exposure by defining what can and cannot be copied onto each device and how that data may be stored, modified, deleted, or shared with others. Identify how device status and data movement will be monitored and enforced, including scenarios in which IT may recover or delete business (and perhaps personal) data. Tim Matthews, a senior director at PGP, recommends that policies assume multiple devices per worker- -some IT- issued, some not. Each person probably has one laptop, one phone, and several USB drives that they want to take home or share with partners and co- workers. These days, people often have at least two or three USB sticks, plus a terabyte removable drive [for backup], that are not provisioned by IT."Even business phone procurement seems to be changing. The trend now, based on consumerization and cost, is to let employees buy their own smartphones," says Khoi Nguyen, group product manager, mobile security group, Symantec. Some companies are giving employees a stipend towards whatever device they want to use. But, once users choose their phone, they have to sign [AUPs] where they agree to install certain required software and to let IT apply certain policies."Given device proliferation, Ram Krishnan, senior vice president of products and marketing at Guardian. Edge, recommends defining policies to control data flow. Define granular blacklists or whitelists to restrict data transfer onto any removable media," he says. In addition to [device] types, makes, and models, specify [permissible] port and file types - - for example, letting presentations but not spreadsheets be copied [via] USB."To promote compliance, policies should reduce data risk while minimizing user impact. For example, Jesper Svegby, product manager for Check. Point mobile security solutions, suggests defining very selective encryption policies for smartphones and SD cards. Customers often encrypt calendar/contact files but leave the rest unencrypted, because users are very sensitive about anything that slows down their phone."On thumb drives, minimizing user impact might mean letting workers edit files on home PCs while automatically deterring offsite threat exposure. When thumb drives are used to share files with third parties, policies might mandate encryption in a way that does not require recipients to install decryption programs. For policies to be effective, common use cases like these must be addressed, either by defining required practices or prohibiting unsafe activities. Managing portable storage. To implement policies that protect business data, portable storage devices must be inventoried, configured, and monitored- -no matter who owns them. IT- issued smartphones were traditionally managed using OS- specific platforms like Blackberry Enterprise Server. But the i. Phone's popularity fostered growth in unified consoles that manage heterogeneous smartphones. Platforms from Credant, Good, Guardian. Edge, Sybase, and Trust Digital can now be used to provision and enforce data protection policies on Windows Mobile, Symbian, i.Phone, and (sometimes) Palm.Although encryption capabilities differ for each mobile OS, unified consoles can still provide a single point of control and reporting - - for example, to quickly issue a remote data wipe command on any lost smartphone. Torque Pro Obd 2 And Car V1 6 26 Android Sdk . Centralized management also plays a critical role in protecting thumb drives.Some solutions are drive- centric- -for example, Iron.Key, Kanguru, and Sandisk offer consoles to remotely provision, monitor, and enforce data protection on their own thumb drives.Alternatively, vendors such as Bit.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |