USB and Removable Media Security
The amount of data that can be quickly copied to removable storage devices is increasing every day. While these devices can significantly boost productivity, they can also poke dangerously large holes in data security and control policies. Threats caused by these devices include:
- Malicious users copying large amounts of data with no audit trail
- Well-intentioned users misplacing or throwing away devices containing sensitive information
- Viruses or other malicious code being introduced to the network via contaminated devices
- Violations of HIPAA, SOX, GLBA or other regulations due to sensitive data being copied and transported unencrypted
ZENworks Endpoint Security Management allows administrators to protect corporate data and assets both inside and outside the corporate security perimeter. With advanced, patent-pending, location-aware technology, ZENworks Endpoint Security Management enforces highly customizable storage device security policies that are centrally managed, automatically distributed to users or machines, and continuously enforced - always and everywhere - without user intervention.
With ZENworks Endpoint Security Management you can:
- Control usage of internal optical media and all types of removable storage devices, including:
- CD drives
- DVD drives
- USB thumb drives
- Floppy drives
- Zip drives
- mp3 players
- Permit or block access completely or limit the device to read-only access
- Enforce permissions based on the user's location
- Control the file system so devices that pose no security threat (such as a USB mouse) are not disabled
- Provide granular control of specific devices based on serial number
- Generate reports and alerts when allowable size thresholds have been exceeded
Novell® ZENworks® Endpoint Security Management Delivers Powerful and Granular Data Security
Storage device control
ZENworks Endpoint Security Management provides administrators control over the use of local optical media (CD-R/W, DVD+/-R/W) and all attached storage devices (USB thumb drives, floppy drives, flash memory cards, zip drives, SCSI PCMCIA cards and other removable media types). Administrators can set policy-based restrictions on device access privileges, which protects the integrity and confidentiality of data on the endpoints, while simultaneously protecting the endpoint from the introduction of malware and of any other unauthorized activities.
Serial number-based control
ZENworks Endpoint Security Management delivers granular control over which devices are allowed, blocked, or set to read only. A separate utility is also available for capturing device names and serial numbers in a master list that can then be imported into a policy.
Protection against unauditable transactions
ZENworks Endpoint Security Management protects against the introduction of local storage devices that can copy data without leaving an audit trail. These transactions are blocked by either completely disallowing use of such devices everywhere, or by disallowing their use based on an endpoint's network location. Storage devices can be placed in read-only mode or fully disabled, while the endpoint hard drive and all network drives remain accessible and operational.
ZENworks Endpoint Security Management includes reports and alerts to notify administrators and security officers of potential threats. Reports can include relevant location information, the names of files transferred to removable storage devices, their sizes, who transferred them, and when the file was transferred and to what device.