Many organisations have a desktop estate that could range from an SMB with handful of desktops in a single site or an enterprise with several hundred (or thousand) workstations and laptops deployed across many sites. Take the example of an organisation with 500 windows workstations. In our experience, many organisations will not have USB device control and the ports are free for anyone to access (or use) without futher thought given to Data Loss Prevention (DLP). The data loss vector here is fairly obvious. A user can copy data to (or from) a removable device, potentially stealing data, accidentally disclosing data or introducing malware to your IT environment.
Solutions that disable or block USB device access have made availability for some time and, whilst they are effective, negate the fact that there is a legitimate business use of portable devices. Their user in an organisation does present a risk, and one that should be managed rather than blocked.
Can you answer the following questions?
- Right now, how many USB devices (e.g. pen-drives, hard drives) are in use across your whole organisation?
- How many devices have been plugged into your IT systems in the past month?
- What type of device was used?
- Who it was used by?
- When was the activity performed?
- What did the user copy to or from the device?
The range of solutions ServiceTech provide can answer these questions. Regular reports providing a high-level view of activity including data copy events and attempted (yet prohibited) activity.
Suppose you knew the answers to these questions, a device control DLP solution can provide the following:
- Granular policy definitions that can define who, what and when USB devices can be used in your organisation.
- Define the type of devices that are permitted, and those that are forbidden.
- Block USB devices (or device families, e.g. USB Pen drives, bluetooth).
- Keep copies of all files or file-names that a user has copied or has attempted to copy to or from a USB device.
- Allow the use of USB devices but force the use of encryption at all times.
These are just some of the benefits.
If you would like to learn more about our range of DLP (Data Loss Prevention) systems or find out how our solutions can provide a real insight into your organisation’s data, get in touch today.