Portable, handheld storage devices, like USB memory sticks and
iPods, are posing a greater security risk internally to many businesses that
are primarily focused on halting external threats.
Centennial Software, a developer of IT asset discovery and security
management solutions, said it is addressing one of the biggest, and
possibly most overlooked, security threats facing organizations —
the unauthorized use of removable media by anyone with access to PCs on the
network.
The Portland, Ore.-based company today announced the availability of
DeviceWall 3.0, a new enterprise security solution that focuses on halting
those increasing threats.
“It has never been easier to walk out with your corporate data these
days,” Matt Fisher, vice president of marketing at Centennial, said. “They
don’t need a backpack full of files or even a plug-in hard drive a tiny 2GB
thumb drive can do severe long-term damage to a company’s operations and
reputation.”
The latest version of DeviceWall offers permission control and
“increased granularity” for managing the growing use of USB sticks, iPods,
PDAs, Smartphones, CDs burners and other devices, according to Fisher.
The solution also adds the ability to lock down Bluetooth, Infrared and
Wi-Fi wireless connections, preventing the transfer of information between
corporate PCs and unauthorized devices, he said.
These small devices pose big risks to businesses as they can be used to
deliberately or inadvertently remove sensitive data from the corporate
network, introduce malicious code or transfer inappropriate content.
According to Fisher, research indicates 80 percent of IT related crimes
originate from
within a corporate network, while most IT managers have been focused on external threats.
Mike Heffernan, Computer Operations Manager at Los Angeles Yellow Cab
Co-op, agrees, noting security is his organization’s top priority.
“Like many others, we have spent much time and many resources securing
our assets from the ‘glamorous’ vulnerabilities: viruses, spam, malware,
intrusions,” he said in a statement. “Whether it’s as serious as preventing
data theft or as basic as blocking introduction of unwanted files or malware
onto the network, we needed to be able to prevent access by certain types of
devices.”
DeviceWall can be controlled by both user and device class, which enables
authorized users to continue unhindered and minimizing the impact on
business productivity.
“Today, it is extremely easy to suck critical data from a production
network and walk out with it on a device the size of a pack of gum,”
Heffernan said. “Yet it is equally unproductive to deny users the resources
they need to do their jobs effectively.”