ISSUE: Device Loss or Theft
The increasingly compact size of mobile devices with high memory, processing, and storage capacity has made the likelihood of losing a device with potentially sensitive information considerably higher. PDAs, smartphones, USB flash drives, CF or SD storage devices can sit unnoticed in a pocket.
The problems associated with device loss can result from both theft and inadvertent actions of users. Measures to contain the impact of device loss typically require a multi-layered approach involving:
- Encryption
- Device management
- Ad-hoc override commands
- Remote application and process control
- Backup, secure wipe, and restore capability
Another issue is the vulnerability of exposing corporate information and email servers through access by stolen, authenticated wireless devices.
It is also often difficult to know exactly what sensitive data was on a lost or stolen device.
PacketDNA Solution
Our Context Smart Encryption Management system combined with device time out and password measures help ensure that sensitive data is always protected on the device.
Data on a device is logged and tracked to ensure compliance with regulations and legislation. For audit purposes, administrators can always determine exactly what information was on the device.
Secure Receptor™’s ability to implement dynamic policy based upon the status of a device (stand-alone, or connected) helps ensure that the most appropriate policy is used. Automatically applied, the most effective policy is used to secure a device. This helps to minimize the impact from device theft or loss.
The Device Manager component of Secure Receptor™ protects against device loss threat scenarios through configuration and enforcement of the following:
- Access or denial of USB or other ports – for example; with a wireless connection, USB ports could be blocked, yet function as usual when connected in the office.
- USB and other storage devices can be registered with the Secure Receptor™ system. The policy is configured so that only authenticated devices can operate with the system. Thus, the extraction of data would require both an authenticated system and the registered external device.
- Access or denial of device connection through wireless or other connections can be configured under policy and dynamically reset to protect corporate networks. In the event a device is lost or stolen, denial of access to confidential information can be set under policy. Further, restricted access to facilitate identification and return of the device can be established.
- Processes such as cut or paste, as well as copy permissions can be specified.
- Moving files from internal to external devices or the reverse can be specified along with restrictions on the size of files that can be moved.
- Applications that are not registered with the system can be prevented from running. Thus, malware, Trojans, etc., can be prevented from running or installing.
- Email applications can be prevented from running and the contacts, appointments and calendar encrypted.
All of the functionality described above for security policy can also be undertaken on the fly with override remote ad-hoc commands. Thus, reported or suspected lost devices caused by repeated password error or other breach can be quickly backed up, securely wiped and killed. The data can be restored to a new or recovered device to save time and cost.
COMMENTS / BENEFITS