ENDPOINT SECURITY SOFTWARE

Lumension Endpoint Management Security Suite (LEMSS) Download | More from Lumension

Lumension – The perfect partner for integrated Endpoint Security when using IronKey.

Enforce Security Policies for Removable Devices, Media and Data

Data leakage caused by the accidental or sometimes malicious use of removable devices and/or removable media has reached alarming levels. In fact, over 85% of privacy and security professionals reported at least one breach and almost 64% reported multiple breaches that required notification.

Organisation-wide Device Management

To enhance productivity, organisations need to provide employees and partners access to data. With more employees working remotely, access is required from outside the network. But the potential impact of data loss, be it accidental or malicious, is a very real concern. And today, removable devices / media are the most common data leakage routes – no file copy limits, no encryption, no audit trails and no central management.

The information contained in customer and corporate data, such as personally identifiable information (PII) and intellectual property (IP), is worth billions to some. In fact, the total average cost of a data breach incident is rapidly rising as well: the latest estimate is near £5 million – or £150.00 per compromised record – per incident. And this is likely to continue to increase, as new statutes and regulations impose criminal and civil penalties on organisations which lose PII.

Lumension® Device Control:

Centrally manages security policies regarding use of removable devices (e.g., USB flash drives) and media (e.g., DVDs/CDs) using a whitelist / “default deny” approach

Enforces encryption policies when copying data to removable devices / media prevents malware intrusion via removable devices / media, adding a layer of protection to your network

Provides the visibility, forensics and reporting needed to demonstrate compliance with applicable laws

Per-Device Permissions: Granular permissions to control access at device class (e.g., all USB flash drives), device group, device model and/or even unique ID levels.

Whitelist / “Default Deny”: Assigns permissions for authorised removable devices (e.g., USB flash drives) and media (e.g., DVDs/CDs) to individual users or user groups; by default, devices / media and users not explicitly authorised are denied access.

Flexible Policy with Granular Control: Permission settings include read/write, forced encryption, scheduled / temporary access, online / offline, port accessibility, HDD / non-HDD devices and much more; can be set for individual and/or groups of users, machines, ports and devices.

Policy Enforced Encryption for Removable Storage: Provides utmost flexibility in enforcing encryption policies when copying data to devices / media – be it centralised (admin-implemented) or decentralised (user-implemented), portable (for use on unmanaged systems) or non-portable (in network only).

File Tracking: Patented bi-directional shadowing technology keeps a copy of all files read from and/or written to removable devices / media; can also track just file types and names.

File Type Filtering / Copy Limits: Restrict and manage file types moved to and from removable devices / media; combine with forced encryption for added protection. Also, restrict amount of data copied to removable devices / media on a per-user basis.

Offline Enforcement: Permissions / Restrictions remain effective even when endpoint is offline; these can be the same as when online or different (i.e., context-sensitive permissions).

Centralised Management / Administrators’ Roles: Centrally defines and manages user, user groups, computer and computer groups access to authorised removable devices / media on the network; by default, those devices / media and users not explicitly authorised are denied access.

Tamper-proof Agent: Installs agents on every endpoint on the network; agents are protected against unauthorised removal – even by users with administrative permissions. Only Device Control Administrators may deactivate this protection.

Flexible / Scalable Architecture: Provides organisation-wide control and enforcement using scalable client-server architecture with a central database that is optimised for performance. Supports virtualised server configurations.

White Papers: 5 Steps to Consumer Security (Opens in new window)

Case Studies: Lancashire Care NHS Foundation Trust (Opens in new window)

Please contact us now to find out how IronKey and Lumension can help secure your data and networks.