HOME
PAGE
MEMBER RESOURCES
ABOUT US
FORUMS
PARTNERS
PRODUCTS & SERVICES
FREE RESOURCES
LOGIN
HERE
JOIN
NOW!
You are not logged in. Access is limited. Login or see membership information. • Streetwise Security Zone Community
You Must Be Logged In
You must be a member of this group and logged in to rate this post. Please see the links above on joining this group and/or logging in.

To see the list of all blogs, including Scott Wright's Security Views Blog and the Streetwise Security Zone Podcast click HERE. You also can subscribe via an RSS reader, or check the "Watch This" box in the left column to receive news by email of new articles.


Watch this Blog Notify me by e-mail any time a new post is made to this blog.


Group Administrator

"ScottWright"

65% of honey sticks to date have been used in risky ways that could impact business operations. What's a Honey Stick? - Look for the link at the bottom of any article on this page for an explanation.

 

Customer Service Rep Security Awareness Test
Product ID: 00000002

Find out what your CSR knowledge of security policies and general security best practices is... before your clients do it for you! In the CSR Security Awareness Test, we schedule 5 randomly scheduled inquiries to your phon ... More »

Non-Member Price: $299.00 $249.00

January 2009 Posts

Archives
  The Honey Stick Project - Measuring risk decisions
Blog Entry

Managing USB Flash Drive Security

Monday, January 26th 2009 @ 9:00 PM (not yet rated)    post viewed 1590 times

For the most part, I have been looking at risks that materialize from finding and using unkown or unauthorized USB Flash Memory Drives.

However, I would like to offer some thoughts on how we can start to improve the protection of our business systems from data loss, as well as malicious code infections of our computers and networks, via mobile devices.

Certainly, we need to educate ourselves and our teams to start handling unknown and unauthorized devices more carefully. I spend a lot of time on this aspect of security. But there are some technical solutions I see coming that may be able to reduce these risks more reliably then ever before, while actually enabling people to do their jobs better.

While I've mentioned solutions like IronKey and TrueCrypt in my blog posts at Scott Wright's Security Views (click HERE), I had not heard of the solution from SanDisk until they approached me to do a review of their product, the SanDisk Cruzer Enterprise.

I was interested in seeing how a company better known for consumer electronics would do in an enterprise market offering. IronKey has set the bar pretty high, when it comes to the "ideal security solution for USB Flash Drives".

In the end, though, SanDisk has done a very good job at putting the essentials of mobile security into an easy-to-use package whose security policies can be controlled by a central management console.

While I don't have the resources to do a full, technical review or direct feature-for-feature comparison, I was able to see enough to know that the Cruzer Enterprise has hit what I think are the most important elements of a mobile security solution, and may even be able to offer more security through an alliance they have announced with other end-point security vendors.

An added benefit of these solutions is that, once you have a good technological solution for the whole process, end-to-end, you can start to enable things like trusted distribution of applications and data files from corporate servers to all mobile devices. The Cruzer Enterprise allows for configurable deployment of software to the devices, as well as centralized secure backups and password recovery.

The bottom line is that when you combine the SanDisk solution with other end-point components that can control the hardware ports or a computer, you may be able to not only control the safety of information going onto these devices, but you may also be able to ensure that no other devices will be recognized in your corporate computers. This will pretty much cover the major needs of a particular enterprise for protecting against both data loss and malicious code infection, simultaneously.

I invite you to give your thoughts on what features are important in securing USB Flash Drive solutions.

I am now offering monthly briefings, tailored to organizations that want to build and sustain security awareness for staff. Just because your security team is too busy to do its own training and awareness doesn't mean you can't have an economical way to address human security risks. Please call or email me at the coordinates below...

Scott Wright

The Streetwise Security Coach

Join the Streetwise Security Zone at:
http://www.streetwise-security-zone.com/join.html

Phone: 1-613-693-0997
Email: scott@streetwise-security-zone.com
Twitter ID: http://www.twitter.com/streetsec

To receive weekly security tips and other notices about helpful content available on this site, please make sure you are on my list by clicking HERE, and entering your name and email address.

 

 

Site Meter

 rate this post: very bad poor average good fantastic!
Comments