
Device Control

Definition

Device Control is the technology that provides built-in security that detects, authorizes, and secures removable storage devices and media (such as USB drives, CDs, and DVDs).

User Benefits

Removable digital storage devices (such as USB flash drives and CD/DVD drives) and mobile connection technologies (such as Wi-Fi, FireWire, and Bluetooth) are convenient and enhance productivity, but present new security risks to the enterprise. The data on these removable endpoint devices and media may contain intellectual property or sensitive customer information, and company policy and employee education can be insufficient to safeguard the data from insider threats and accidental data leakage. The exposure of sensitive data that results from the loss or theft of a removable storage device or medium can result in financial expenses, legal ramifications, and brand damage.

A Device Control product gives the enterprise:

  • Easy, automatic operation - Permits safe and authorized removable storage use, without changing the user experience or reducing productivity.
  • Enforced security policies - Enforces policies for device usage via USB, FireWire, Wi-Fi, and Bluetooth connections; can also log usage and demonstrate compliance to auditors.
  • Accelerated deployment - Reduces setup time and speeds enterprise protection without requiring user intervention and by leveraging existing enterprise directory infrastructure.
  • Reduced operation costs - Result from fast deployment, ease of use, centralized management, and automated enforcement of security policies.

Business Impact

It provides organizations with the ability to see, manage, modify, enforce, and report on access and usage of portable devices on all endpoints throughout an organization, whether distributed, centralized, on-network, or off-network. Whether a user connects an iPod, a USB key, or another device, the Device Control product enables comprehensive management of those devices.


Products supporting this technology

McAfee

Today, security officers and information technology administrators are facing unique challenges regarding the protection of data at the endpoints. These include increasing regulations, increasing fines and penalties in the event of a data breach, and reduced IT budgets.

As volumes of sensitive information move beyond laptops and desktops onto USB drives and optical media and across corporate networks, protecting data has become more difficult than ever. It is possible for an organization to strike an effective balance between convenience, cost, and risk. It is essential to have a strategic approach to managing the risk of data loss from endpoints, while balancing cost and complexity.

USB devices have evolved into useful storage media and, at the same time, have become a security nightmare for organizations. The use of USB devices is encouraged and embraced today to aid in the reduction of operating costs. Take control of the removable media threat, control the flow of inbound and outbound data from your endpoints and enable managed use of these productivity tools by enforcing removable device usage policies.

After more than 10 years of development, USB storage devices come in just about every conceivable shape and size, from 1 gigabyte (GB) drives fashioned as a small toy to standard external drives with capacities up to 6 terabytes (TB) and more. Once a mere novelty peripheral, these devices are now as common as the mouse and keyboard. Analysts say by 2011 the market will have shipped 3.2 billion USB-enabled devices. Unfortunately, even as USB devices have evolved into useful storage media, they’ve also turned into a security danger for organizations. The development of USB technology has always been about ease of use, connectivity, low cost and performance, with little if any thought to security. And corporate users are not the only ones enjoying the benefits of today’s USB devices: cyber-criminals and data thieves are increasingly using removable media to introduce malware and steal information from computers.

It is enough to read the news regularly to see that USB devices are involved time and time again in today’s highest profile data breaches, either through the loading of breach-causing malware into the backend corporate network, by facilitating intentional covert removal of copied data, or simply by enabling data loss through the misplacement of an unencrypted device.

When engineers first started working on the Universal Serial Bus (USB) format in 1994, their goal was to develop a single, power-efficient standard that could replace the growing number of peripheral connections that cluttered the back of our PCs. Security wasn’t on their minds; back then it was hardly on the minds of most IT pros. From the establishment of the USB 1.0 standard to the roll-out of iPods and thumb drives and through the development of mega-storage devices, innovation has always been only about speed, capacity and convenience. With the release of the USB 3.0 standard, we’re now seeing data transfer rates at a blazing 5 Gbit/s, more than 10 times faster than the previous iteration. At the same time, USB flash drives will soon hit 128 GB and external drives have expanded to 6 TB and more. This has meant great things for the business world, which hails these devices as incredible productivity boosters. For example, one 2 GB USB drive can copy 139,000 text files, 21,000 documents, 1,400 spreadsheets. And that is only a 2 GB USB drive.

But as we approach the rollout of the first USB 3.0-enabled devices, all of those gains may well be negated by the fact that even as times have changed in regard to security, the USB standard has not. Security is still as neglected as the day USB was first conceived.

Companies are reporting an increase in malware that propagates via USB devices and other removable media.

The most popular methods currently in use are:

Simple file copy method - Relies on social engineering to entice the user to click on an application icon to launch the application which then copies itself to all available drives.

AutoRun.inf modification method - Modifies or creates an AutoRun.inf file on all available drives, shares and removable media. When an infected USB drive is later inserted into another computer, the malicious software automatically executes with no user intervention.

Data Loss - The widespread use of USB devices within an organization can open it up to data loss on two major fronts: data stolen by copying onto a device, and data stolen by copying from a device.

Anonymous Hacking - An extremely useful feature of USB drives is their ability to act as a “PC on a stick” through the use of certain platform and virtualization utilities such as BartPE/PeToUSB, UBCD4, UNetBootin and MojoPac.

It also makes it possible for malicious users to replicate their entire Windows hacking lab with a USB device and run it on virtually any PC with an available USB port. When done, the malicious user simply removes the USB device and leaves without a trace.

The majority of these risks are not limited to the USB standard, but extend to all forms of removable media in use today, including CD, DVD and Blu-ray drives as well as FireWire and eSATA connected devices. Many of today’s popular CD-based network penetration testing tools that are used by individuals with good intent can unfortunately also be used by an unauthorized malicious person with bad intent. Examples can include installing Trojans or key loggers, placing undetectable malware deep within the network and creating network backdoors to allow unauthorized persons a direct path through network defenses to the compromised PC. Simply put, you are putting yourself at great risk when you do not control specifically who can run what applications from your removable media drives. It is hard to imagine any good could come from allowing uncontrolled use of a CD/DVD drive.

In order to win the war against mobile malware and information theft, organizations must develop clear, in-depth policies regarding the use of removable devices and media within the organization and must also deploy proactive solutions, such as Device Control solutions.

Sadly, many IT departments have a simplified attitude about USB devices, or generally about devices and the employees who use them. They either totally ignore personal devices on the network, taking the stance that it’s the employee’s device, so why bother supporting or even acknowledging its existence, or they completely ban devices altogether.

Neither approach is good for the business. Ignoring USB devices is the same as ignoring the possibility of data walking out the door or malware spreading through infected devices. Impose a drastic prohibition, and resentment among workers and their managers can increase. After all, USB devices are designed for productivity. Forbidding these devices is also almost an extended way of ignoring the problem. Adopting a ‘disable ports and forget’ attitude can be costly if a system is overlooked and the IT department doesn’t even have the USB problem on the radar and has no way to track rogue devices.

With a Device Control solution it is possible to specify which devices can and cannot be used by any Windows device parameter, including product ID, vendor ID, serial numbers, device class, device name, and more. The solution also makes it possible to control not only the device but also data policies by user, group or department.

With a Device Control solution in place, it is easy to have full visibility and control, with support for auditing and compliance needs through detailed user- and device-level logging. It is also possible to gather incident details such as device, time stamp, evidence, and more for prompt and proper response, investigation, and audit.
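The following added example shows how a policy keyed on vendor ID, product ID, serial number and user group can be evaluated, with an audit record produced for each decision. It is not code from the original page or from any vendor's product. It assumes the Windows USB device instance ID form `USB\VID_xxxx&PID_xxxx\<serial>`; the `Rule` shape, action names, policy and device values are hypothetical.

```python
# Added example: first-match device policy keyed on Windows device parameters.
import re
from dataclasses import dataclass
from typing import Optional

# Windows USB device instance ID: USB\VID_<hex4>&PID_<hex4>\<serial>
INSTANCE_ID = re.compile(
    r"^USB\\VID_([0-9A-F]{4})&PID_([0-9A-F]{4})\\(.+)$", re.IGNORECASE)


@dataclass(frozen=True)
class Rule:                       # hypothetical rule shape; None = wildcard
    action: str                   # "allow", "read_only" or "block"
    vendor_id: Optional[str] = None
    product_id: Optional[str] = None
    serial: Optional[str] = None
    group: Optional[str] = None   # directory group the user must belong to


def parse_instance_id(instance_id):
    """Split an instance ID into vendor ID, product ID and serial number."""
    m = INSTANCE_ID.match(instance_id)
    if not m:
        return None
    vid, pid, serial = m.groups()
    return {"vendor_id": vid.upper(), "product_id": pid.upper(), "serial": serial}


def evaluate(rules, instance_id, user_groups, default="block"):
    """Return (action, audit_record); unparseable or unmatched IDs get default."""
    dev = parse_instance_id(instance_id)
    action, matched = default, None
    if dev:
        for i, r in enumerate(rules):
            fields_ok = all(getattr(r, k) in (None, dev[k]) for k in dev)
            if fields_ok and (r.group is None or r.group in user_groups):
                action, matched = r.action, i
                break
    return action, {"device": instance_id, "action": action, "rule": matched}


# Constructed policy: one encrypted drive is writable for finance users,
# other drives from the same vendor are read-only, everything else is blocked.
POLICY = [
    Rule("allow", vendor_id="0951", product_id="1666", serial="ENC0001", group="finance"),
    Rule("read_only", vendor_id="0951"),
]

if __name__ == "__main__":
    for groups in ({"finance"}, {"sales"}):
        print(evaluate(POLICY, r"USB\VID_0951&PID_1666\ENC0001", groups))
```

Defaulting to "block" for unmatched or unparseable devices keeps the policy fail-closed, and the returned record is what would feed the user- and device-level logging described above.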

A company that implements a Device Control product mitigates the risks associated with removable digital storage devices and mobile connection technologies. This type of technology provides built-in security that detects and authorizes devices and makes it possible to enforce centrally defined device usage policies.
