Several times this year I've written about portable storage devices, ranging from USB keys to direct-attach USB hard drives, which are now in common use in most organizations. One point I've made about these devices is that their easy transportability is a potential security problem for IT. When anyone with a USB key can pull data off of a business computer, without regard for the security of that data, IT has a real problem.
I've gotten email from readers describing their solutions to the portable storage security problem--everything from banning the use of USB keys in the office to disabling USB ports at the OS level. None have been completely satisfied with their solutions, however, and each solution has introduced its own set of problems affecting business workflow. I've also recently received a number of email messages from IT pros who've suddenly realized that portable media players are also a storage device that can copy files from their client computers and networks.
This is the problem that SecureWave believes it has solved with its Sanctuary Device Control 3.0 product, a software tool that you can use to provide policy-based management and administration of portable storage devices--everything from USB keys to CD-R discs to digital media players. Sanctuary installs as a kernel-level device driver on the managed computers, enabling IT management to set ACLs on managed devices.
Whenever a user attempts to transfer data to a managed device, the Sanctuary device driver checks the ACL and determines whether the transfer is allowed. The software is fully OS-aware and understands how Plug and Play (PnP) devices work, which means that an approved device can simply be connected to a Windows computer, have the OS recognize it, and be available for use, without any need for IT to directly intervene. Integration with Active Directory (AD) is automatically available for the delegation of the administrative rights for the Sanctuary product.
The authorization process uses the whitelist model, whereby it blocks unknown devices from installing. This gives IT detailed control over each supported class of device, allowing authorization for only specific devices within a device class or even allowing only a single, uniquely identified device.
You can limit access to specific times or for read or write access only. Casually connected users receive a local copy of the access permissions list, which allows you to subject notebook users to the same stringent controls that apply to users always on the network. Permissions are updated the next time the user logs on to the corporate network.
Starting at a price of $45 per user, Sanctuary Device Control seems to be the answer IT needs to get a handle on the management of devices that let users copy data to and from the local storage on their computers and network. You can find full details about the product at Sanctuary Device Control Web site. Sanctuary Device Control is definitely worth a look if you're concerned about the security of data on your networks. Many scary stories are floating around the Net telling tales of potential information theft. Getting a grip on the management of removable and portable storage devices before an actual problem occurs can only be a good thing for IT.
