Feature

Device Management: Pointsec Protector software review

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: Tips from the 2007 Security 7 Awards."

Download it now to read this article plus other related content.

The administration console is intuitive, and multiple tiers of administrative access can be assigned for distributed management. We were able to easily manage users, groups and devices, policies, alerts and encryption, and create and view audits, logs and reports.


Policy ControlA  
We began by editing Protector's default profile through a series of tabs to choose what types of devices and removable media to permit/deny access, define encryption, create email alerts, and assign stringent policies for groups that fell under compliance regulations (e.g., finance) and less stringent for others.

Policies are layered, so the default policy is applied to every group to which it is assigned. When another policy profile is created, it can inherit from the default policy or become a new profile. For example, in the default profile we globally banned iPods and enabled encryption on all USB storage devices. The next policy, while it inherits the default profile, may define access to approved devices, such as portable hard drives, on which encryption from the default policy will be enforced.

Policies can be assigned on a user, group or device basis. Administrators can restrict the types of files that may be transferred or the launching of unauthorized applications from

    Requires Free Membership to View

removable media.

Protector uses combinations of whitelists and blacklists to block access to devices and files without any legitimate business purpose, while still allowing users access to critical tools, applications and data defined by brand, model and file type.


ReportingA  
Protector excels in logging and reporting. With detailed auditing, administrators can determine what devices are being used and in what way. Alerts are easily set up to be sent via email; we assigned each AD group a different notification recipient simulating department managers being alerted to their employees doing such things as downloading music at work or copying sensitive files to portable media.

Logs can be customized, filtered by column heading and exported to CSV. Reports are equally flexible and can be exported in HTML.


This was first published in October 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: