The explosion of new devices like USB memory sticks and iPods is adding to the quagmire of security challenges faced by IT enterprises.
But a new offering announced today by security firm SecureWave claims to help mitigate the threat posed by those end points by granting ‘Sanctuary’ to authorized devices and shadowing them to log their activity.
The company’s new Sanctuary Device Control is intended to facilitate the central management and administration of end point device usage and policies. The software creates a ‘whitelist’ of valid devices that may connect to a network. Those devices will need to have been setup and authorized by a network administrator to permit them to run on a networked asset.
“Security professionals realize that the perimeter has disappeared and that most endpoints are regularly accessed by peripherals, devices and media which are outside of the corporate domain,” said Bob Johnson, CEO of SecureWave in a statement. “In an era of insider theft, blended threats and government-regulated data, enterprises need to take a proactive approach to blocking unauthorized access, while tracking the flow of
sensitive information to authorized devices.”
SecureWave’s Device Shadowing solution, also announced today, effectively ‘shadows’ the permitted device logging the device’s activity for auditing purposes. According to SecureWave, the combined Sanctuary and Device Shadowing solution allows organizations to control, which devices have, access, while tracking what information is stored to those devices.
“The way this works is that there is a client piece that has to live on each and every device that is managed,” Dennis Szerszen SecureWave vice president of business development explained to internetnews.com.
That client piece then interactively communicates online with the administration console and whitelist database. Szerszen noted that the client piece is not a ‘chokepoint’ and that communication only occurs at device initiation and termination. That said, the sophisticated policy and usage management features effectively controls how end point devices are allowed to access the network such that access may be restricted to certain hours of the day or even a transfer quota.
“Basically I’m keep you from doing anything other than what you really need to do to do your job with that piece,” Szerszen said.
The whole client end of the application is designed to work in the background without the user being able to disable it. Szerszen explained that it is a kernel driver not an admin service or an application so a user can’t hit control alt delete and disable it.
“It is embedded in the sub-OS,” he said.
SecureWave claims that over 400 organizations are using some version of its software already including European giants like Airbus and Norwich Union. The Sanctuary Device Control with Device Shadowing application is currently available for $45 per user license for Windows.
In a separate announcement, SecureWave — originally a European company based in Luxembourg — recently opened a new office in Durham, North Carolina.