Managing USB Flash Drive Security
Monday, January 26th 2009 @ 9:00 PM (not yet rated)
For the most part, I have been looking at risks that materialize from finding and using unkown or unauthorized USB Flash Memory Drives.
However, I would like to offer some thoughts on how we can start to improve the protection of our business systems from data loss, as well as malicious code infections of our computers and networks, via mobile devices.
Certainly, we need to educate ourselves and our teams to start handling unknown and unauthorized devices more carefully. I spend a lot of time on this aspect of security. But there are some technical solutions I see coming that may be able to reduce these risks more reliably then ever before, while actually enabling people to do their jobs better.
While I've mentioned solutions like IronKey and TrueCrypt in my blog posts at Scott Wright's Security Views (click HERE), I had not heard of the solution from SanDisk until they approached me to do a review of their product, the SanDisk Cruzer Enterprise.
I was interested in seeing how a company better known for consumer electronics would do in an enterprise market offering. IronKey has set the bar pretty high, when it comes to the "ideal security solution for USB Flash Drives".
In the end, though, SanDisk has done a very good job at putting the essentials of mobile security into an easy-to-use package whose security policies can be controlled by a central management console.
While I don't have the resources to do a full, technical review or direct feature-for-feature comparison, I was able to see enough to know that the Cruzer Enterprise has hit what I think are the most important elements of a mobile security solution, and may even be able to offer more security through an alliance they have announced with other end-point security vendors.
An added benefit of these solutions is that, once you have a good technological solution for the whole process, end-to-end, you can start to enable things like trusted distribution of applications and data files from corporate servers to all mobile devices. The Cruzer Enterprise allows for configurable deployment of software to the devices, as well as centralized secure backups and password recovery.
The bottom line is that when you combine the SanDisk solution with other end-point components that can control the hardware ports or a computer, you may be able to not only control the safety of information going onto these devices, but you may also be able to ensure that no other devices will be recognized in your corporate computers. This will pretty much cover the major needs of a particular enterprise for protecting against both data loss and malicious code infection, simultaneously.
I invite you to give your thoughts on what features are important in securing USB Flash Drive solutions.
| | Is your security awareness training just a set of old Powerpoint slides that you pull out once a year and present at an all-hands meeting? You can now provide much more effective security awareness training for your staff, for much less cost than you think. Contact me if you'd like to discuss how you can create a culture of security through a variety of live programs, and modern e-Learning techniques.
Scott Wright
The Streetwise Security Coach
Join the Streetwise Security Zone at:
http://www.streetwise-security-zone.com/join.html
Phone: 1-613-693-0997
Email: scott@streetwise-security-zone.com
Twitter ID: http://www.twitter.com/streetsec
To receive weekly security tips and other notices about helpful content available on this site, please make sure you are on my list by clicking HERE, and entering your name and email address.
 
|
