|
From USB drives to MP3 players to DVDs, portable storage media are an end user's dream and a security manager's nightmare.
We evaluated six device control tools that can help you rest easier.
Did your business just walk out the door?
Our mobile workforce can steal or lose sensitive data quickly and without detection, from a software developer sneaking out gigabytes of valuable source code on his iPod to an executive's wireless-enabled laptop being sniffed at the local coffee shop.
Think about all the ways we move and store data on mobile devices: USB ports, which support a multitude of portable storage devices, including flash drives, portable hard drives, printers, and music and video players; FireWire, PCMCIA, serial and parallel ports, CDs/DVDs, tape drives and even the lowly floppy drive. Add unprotected WiFi, Bluetooth and Infrared (IrDA) connections, and you have a real security nightmare on your hands.
It wasn't long ago that security administrators controlled access to USB ports with epoxy or caulk and physically disabled onboard wireless. Now, however, instead of trying to ban use of portable storage devices and wireless connections, organizations can select from a fairly new but effective group of products that give them granular policy-based control over their use. Device control products can help balance productivity with security by allowing administrators to centrally authorize and monitor endpoint devices.
In a head-to-head review, Information Security examined six device control products, all of which provide centrally managed granular control over ports, inter- faces and storage devices: DeviceLock 6.0 from SmartLine, Sanctuary Device Con-trol 4.0 from SecureWave, Endpoint Access Manager 3.0 from ControlGuard, Device-Wall 4.5 from Centennial Software, Safend Protector 3.1 from Safend and Protect Mobile from Workshare.
 |
|
|
|
|
|
|
|
|
|
Making the Grade |
|
|
|
|
|
|
|
|
|
|
|
Click here for a comparison chart of the six device control tools we evaluated (PDF).
|
|
|
|
|
|
|
|
Each product was graded based on its ease of installation and configuration, policy, tampering resistance, port and device control, encryption support, performance, and monitoring, alerting and reporting. Overall, we found all the products performed as advertised, but there are enough differences to consider when choosing a portable endpoint data control solution (see "Making the Grade," (PDF)).
|
 |
|
