STOP data leakage!
Are Open USB and other media ports Your Greatest Vulnerability?
Close Them Now with DeviceLock®!
Today PCs are delivered with a multitude of I/O options, many unnecessary to a given job function. At the same time, 100GB of portable storage weighs just a few ounces, sells for just a few hundred dollars, transfers data at high speeds and connects seamlessly to any PC. No power source or password required. The combination has made it more difficult for IT security staffs to limit PC users to only the information and computer resources needed to do their jobs.
The endpoint device security solution DeviceLock® empowers IT management to enforce the limits set by internal security policy and external compliance boards. It stops data leaks from happening locally by denying access to peripheral ports and drives when any employee or visitor attempts a network upload or download to a device without appropriate permission.
DeviceLock® gives network administrators control over which users can access what devices (floppies, serial and parallel ports, Magneto-Optical disks, CD-ROMs, ZIPs, PDAs, smartphones, USB, FireWire, Infrared, WiFi, Bluetooth, etc.) on a local computer. Once DeviceLock® is installed, administrators can control access to floppies, CD-ROMs or any other device, depending on the time of day and day of the week. DeviceLock® enhances access control for Windows System Administrators and helps control removable disk usage. It can protect network and local computers against viruses, trojans and other malicious programs often injected from removable disks.
With DeviceLock® you can:
- Control which users or groups can access USB, FireWire, Infrared, COM and LPT ports ports, WiFi and Bluetooth adapters, PDAs, smartphones, DVD/CD-ROMs, floppy drives, other removable devices
- Control access to devices depending on the time of day and day of the week
- Authorize only specific USB devices that will not be locked regardless of any other settings
- Grant users temporary access to USB devices when there is no network connection (you provide users with the special access codes over the phone that temporarily unlock access to requested devices)
- Uniquely identify a specific DVD/CD-ROM disk by the data signature and authorize access to it, even when DeviceLock® has otherwise blocked the DVD/CD-ROM drive
- Protect against users with local administrator privileges so they can't disable DeviceLock® Service or remove it from their computers, if they are not in the list of DeviceLock® administrators
- Set devices in read-only mode
- Protect disks from accidental or intentional formatting
- Detect and block hardware keyloggers (USB and PS/2)
- Deploy permissions and settings via Group Policy in an Active Directory domain
- Use the standard Windows RSoP snap-in to view the DeviceLock® policy currently being applied, as well as to predict what policy would be applied in a given situation
- Control everything remotely using the centralized management console
- Get a complete log of port and device activity, such as uploads and downloads by users and filenames in the standard Windows Event Log that stores locally and/or in the special protected log that sends to DeviceLock® Enterprise Server for centralized storage
- Mirror all data (shadowing) copied to Windows Mobile PDAs and smartphones, external storage devices (removable, floppy, DVD/CD-ROM) and transferred via COM and LPT ports
- Store shadow data and audit logs on a centralized component of an existing server and any existing ODBC-compliant SQL infrastructure
- Generate a report concerning the permissions and settings that have been set
- Generate a report displaying the USB, FireWire and PCMCIA devices currently connected to computers and those that were connected
- Install and uninstall it automatically.
For enterprises standardized on software and hardware-based encryption solutions like PGP® Whole Disk Encryption and Lexar® SAFE PSD S1100 USB drives, DeviceLock® allows administrators to centrally define and remotely control the encryption policies their employees must follow when using removable devices for storing and retrieving corporate data. For example, certain employees or their groups can be allowed to write to and read from only specifically encrypted USB flash drives, while other users of the corporate network can be permitted to "read only" from non-encrypted removable storage devices but not write to them.
DeviceLock® Content Security Server is an optional component of DeviceLock®.
It includes Search Server which provides full-text searching of logged data
stored on DeviceLock® Enterprise Server. The full-text search functionality is
especially useful in situations when you need to search for shadow copies of
documents based on their contents.
[30 day trial version]