Why focus on secure access and control
If you don't control it, you might lose valuable data. Without the right measures and control functions applied, it will fall into the wrong hands sooner or later!
Information – the core asset of any company
• Information is stored in digital forms
• In a multitude of locations
• It can be easily transferred from one location or device to another, e.g.:
  • From internal corporate server to a workstation
  • Which can be a laptop, smartphone or, increasingly popular, a tablet
  • From workstation to a USB stick
  • From workstation to the cloud etc.
Valuable data, but so many ways to lose it!
Without the right measures applied it will fall into the wrong hands sooner or later!
Why Device Control is so important
• Users can transfer confidential and internal company data to various external devices
• Nowadays everybody has various devices with gigabytes of storage within them (USB Stick, Smartphone etc.)
• In the absence of control, any user can connect almost any storage device
• Communication devices like 3G/LTE modems are also a commodity
Controlling which devices the user can connect to their computer is an essential element of data security!
EgoSecure is an effective way to put all these risks under control
Not all Device Control products are the same
• Many vendors have device control functionality in their portfolio
• Some solutions are very basic and not flexible enough
• Others are feature rich and highly secure but not easy to work with
In the next slides we will see what we need to take into consideration when choosing a Device Control strategy
Storage Device danger
• Users are afraid to use the internet to transfer internal and confidential data as they know that their activities can be traced on the gateway/proxy/firewall level (they don’t know what is installed on the gateway)
• They believe that local file transfers are not monitored
• Many workplaces with high security requirements (e.g. banks) are disconnected from the internet or have a very limited set of external resources which can be accessed
• But still local file transfers are not always monitored
• Very often the usage of external storage devices is not permitted but users still can violate the rules as there is no control and no policy enforcement
External modem danger
• Many corporate sub-networks have no access to the internet for security reasons
• … or web-sites not related to their work are blocked on the proxy/gateway level
• But still users want to access their favorite internet sites like Facebook etc.
• Some users can bring external communication devices and access the internet and their favorite web sites directly
• It is not only a question of their productivity
• Direct connections of workstations to the internet bypassing existing firewall/gateway security policies pose extra risk to the whole corporate LAN
EgoSecure offers simple yet effective control of all communication devices
CD-ROM/DVD-ROM danger
• We think that the CD is out-of-date
• But many computers are still equipped with CD/DVD drives
• Quite often they are only used during initial system installation, to install device drivers etc.
• Often they are not really needed but they are “still there”
• Nowadays almost all of them are really CD-RW/DVD-RW
• Simply, many vendors don’t produce read-only CD-ROM devices any longer
• Which means that any user can bring a blank disk and transfer files there
• The majority of companies don’t have any policies to restrict the usage of such media
• Or apply read-only permissions to read/write devices
With one click EgoSecure can eliminate such risks by blocking or applying a read-only policy to CD/DVD RW drives
Security without stopping business
• Administrators need to enforce strict security
• The flipside of this is that it can block some important business activity
  • E.g. the user is on a business trip and he needs to connect to the internet but 3G modem and Wi-Fi are blocked by previously enforced policy
  • Or the user needs to share a contract or some other documents with prospects but there is a policy to block removable media
• EgoSecure offers a set of options for administrators and users to roll back any policy
  • Even on offline computers using unblocking codes
• In the absence of such tools administrators are simply afraid to enforce security policies
  • Which means no security at all
EgoSecure combines high security and flexibility
Access query in EgoSecure
• User cannot change the policy by themselves
• This is the responsibility of the administrator
• But the user can create a request when he needs something which is blocked through the current policy
• The administrator will confirm this request if it is appropriate
• EgoSecure supports role-based management, so this can be done by the employee’s manager
• EgoSecure has a built-in helpdesk system which simplifies the life of both users and administrators
Access query in EgoSecure
User creates request inside the agent
He explains which device he needs to access
And what level of access he needs
After that he explains why he needs this
Administrator receives request
If he finds it logical he approves it
With one click
New policy will be created and the user will receive requested rights
Simple and fast! Minimum effort!
Offline Endpoint management in EgoSecure
Administrator generates unblocking code for the user to allow temporary access
User enters this code in the agent
And receives required permissions. Even offline!
Offline Endpoint management
• Not all security vendors have options such as unblocking codes
• Some of them have a password to switch off the security solution completely
• With EgoSecure it is possible to roll back the policy only in the desired area, leaving other protection tools up and running
• Other vendors have an option to send a new signed policy file to such users
• But sending a file is not always possible:
  • Policy blocks communication devices e.g. 3G/LTE modem
  • Or blocks WiFi
  • Or simply no internet connection is available
With EgoSecure the administrator always controls the situation!
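A minimal sketch of how a scoped, time-limited offline unblocking code of the kind described above can work. This is an added illustration, not EgoSecure's actual scheme or code. It assumes a per-endpoint secret provisioned to the agent at enrolment; `issue_code`, `Agent` and the device-class strings are hypothetical names.

```python
import hashlib
import hmac
import struct

WINDOW_SECONDS = 3600  # assumed validity granularity of a code


def derive_code(secret: bytes, endpoint_id: str, device_class: str, window: int) -> str:
    """8-digit code bound to one endpoint, one device class and one time window."""
    msg = f"{endpoint_id}|{device_class}|{window}".encode()
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation, as in HOTP (RFC 4226)
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10**8:08d}"


def issue_code(secret: bytes, endpoint_id: str, device_class: str, now: float) -> str:
    """Administrator side: computed on the management server, then read out to the user."""
    return derive_code(secret, endpoint_id, device_class, int(now) // WINDOW_SECONDS)


class Agent:
    """Endpoint side: verifies with no network access, using only its local clock."""

    def __init__(self, secret: bytes, endpoint_id: str):
        self.secret = secret
        self.endpoint_id = endpoint_id
        self.redeemed = set()   # (device_class, code) pairs already used
        self.unblocked = set()  # device classes temporarily allowed

    def redeem(self, device_class: str, code: str, now: float) -> bool:
        if (device_class, code) in self.redeemed:
            return False  # single use: an overheard code cannot be replayed
        window = int(now) // WINDOW_SECONDS
        # Accept the previous window too, so a code issued just before a boundary works.
        for w in (window, window - 1):
            expected = derive_code(self.secret, self.endpoint_id, device_class, w)
            if hmac.compare_digest(expected, code):
                self.redeemed.add((device_class, code))
                self.unblocked.add(device_class)  # only this class; the rest stays enforced
                return True
        return False
```

Because the device class is part of the MAC input, a code issued for Wi-Fi does nothing for removable storage, which is the difference from a single password that switches protection off completely.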
Windows Group Policy as a Device Control tool
• There are many ways to control devices
• Windows Group Policy is one of them
• In theory it is possible to control devices using Windows Group Policy without any 3rd party software
• But this approach has certain disadvantages
• Some 3rd party products are also using Windows Group Policy as a mechanism
• Unlike them EgoSecure uses its own communication between the EgoSecure Management Server and the EgoSecure Agent
Windows Group Policy
• Windows Group Policies can be used to control which devices the user can connect to his corporate workstation
• But there are known issues with this approach:
  • Changed policies are not applied immediately
  • By default, policy is updated every 90 minutes
  • Or the user needs to log off and log back in
  • Or the user needs to open Start > cmd > gpupdate
• And also:
  • This will not work on non-domain computers
  • This will not work if the computer is not connected to the corporate network (the user is on a business trip or working on the road)
Granularity of Policies
• Many solutions include basic device control features
  • Just the option to block the whole removable device class
  • E.g. this is the only possible option with Windows Group Policy
  • As well as with many 3rd party Device Control products
• In EgoSecure more granular access is possible
  • It is possible to allow only certain devices based on their Hardware ID, Serial number etc.
• In EgoSecure it is possible to scan a chosen computer or group of computers and find devices used
EgoSecure Device Control
• Maximum security
• High flexibility according to business needs
• Policies are applied immediately
• Built-in Helpdesk system reduces the efforts to manage security policies and adjust them to business needs
• Full offline management through unblocking codes
• Saves time of users and administrators
• Granular policies
EgoSecure is the most flexible and friendly Device Control on the market
QUESTIONS ?
EGOSECURE GmbH
Pforzheimer Str. 134
76275 Ettlingen/Germany
Phone +49(0)7243.354.95-0
Mail [email protected]