I was walking the other day, thinking about organizational security. There are all kinds of products out there to help you harden your perimeter. But there is one area that scares the daylights out of corporate security professionals - portable storage media. It wasn’t that long ago when 1.44 MB floppy drives ruled the day. And getting enormous amounts of sensitive data would have taken a long time. Now, we have 60GB iPods that can be easily taken into companies and used against them. And what most organizations fail to realize is that most crimes are not usually carried out by outsiders. The Computer Crime Research Center found that 98% of all crimes committed against companies had insider connections. So, if our potential threats are already inside our walls, how can we guard against security nightmares?
…
This is where GFI’s EndPointSecurity comes into play. EndPointSecurity allows you to create security policies for portable media devices. This includes USB ports(flash cards and pen drives), firewire ports(digital cameras, firewire card readers), wireless data connections(bluetooth dongles), floppy disk drives(internal and external), and optical drives(CD, DVD, and magneto optical - internal and external). So, I decided to take EndPointSecurity for a small test drive. I installed the fully functional 10 day trial version. You can do this too by going to EndPointSecurity website.
Once you install the product, it takes you to a wizard. The wizard walks you through securing the computers on your network. Here you select the computers on your network to protect and the security policy you want to enact on those computers. They have three default policies: servers, workstations, and laptops. But you can create your own protection policies to cater to your own needs. And in those policies, you add the users and groups that will have the security rights that you assign. This allows somewhat granular control without being unbearably confusing. Bear in mind, that the default policies don’t have users or groups assigned. If you push out those policies as is, you will quickly find that your users don’t have access rights. But that’s all in the manual.
So, I decided that I would do a simple test. I wanted to lock down security on my workstation. I didn’t want to allow access to my external flash drive. So, I simply removed my read and write rights. Then I updated the policy for that computer. Now, when I go to view my flash drive, I get an error saying I don’t have permission to do that. Simple and easy.
Conclusion:
GFI EndPointSecurity fills a void in the security market. The rise of portable media devices is only going to get more prolific. And as these devices mature, they are going to get smaller, easier to install, and harder to stop. EndPointSecurity gives administrators a slick way to control access rights to these portable media across the network. It integrates with Active Directory and is simple to use. I like this product and give it 4 out of 5 stars.
Screenshots:
Note: the above is a sponsored review.
If you would like to make a comment, please fill out the form below.
Recent Comments