This article can also be found in the Premium Editorial Download "Information Security magazine: Compliance vs. security: Prevent an either-or mentality."
Download it now to read this article plus other related content.
Did your business just walk out the door?
Our mobile workforce can steal or lose sensitive data quickly and without detection, from a software developer sneaking out gigabytes of valuable source code on his iPod to an executive's wireless-enabled laptop being sniffed at the local coffee shop.
Think about all the ways we move and store data on mobile devices: USB ports, which support a multitude of portable storage devices, including flash drives, portable hard drives, printers, and music and video players; FireWire, PCMCIA, serial and parallel ports, CDs/DVDs, tape drives and even the lowly floppy drive. Add unprotected WiFi, Bluetooth and Infrared (IrDA) connections, and you have a real security nightmare on your hands.
It wasn't long ago that security administrators controlled access to USB ports with epoxy or caulk and physically disabled onboard wireless. Now, however, instead of trying to ban use of portable storage devices and wireless connections, organizations can select from a fairly new but effective group of products that give them granular policy-based control over their use. Device control products can help balance productivity with security by allowing administrators to centrally authorize and monitor endpoint devices.
In a head-to-head review, Information Security examined six device control products, all of which provide centrally managed granular control over ports, interfaces and storage devices: DeviceLock 6.0 from SmartLine,
|Making the Grade|
|Click here for a comparison chart of the six device control tools we evaluated (PDF).|
Each product was graded based on its ease of installation and configuration, policy, tampering resistance, port and device control, encryption support, performance, and monitoring, alerting and reporting. Overall, we found all the products performed as advertised, but there are enough differences to consider when choosing a portable endpoint data control solution (see "Making the Grade," (PDF)).
This was first published in March 2007