EGOSECURE

Enjoy Endpoint Protection

DEVICE CONTROL OVERVIEW

Information – the core asset of any company

• Information is stored in digital forms• In a multitude of locations• It can be easily transferred from one location or

device to another e.g.:• From internal corporate server to a workstation

• Which can be a laptop, smartphone or increasingly popular a tablet

• From workstation to a USB stick • From workstation to the cloud etc

Valuable data, but so many ways to loose it!Without the right measures applied it will fall into the wrong hands sooner or later!

Why Device Control is so important

• Users can transfer confidential and internal company data to various external devices

• Nowadays everybody has various devices with gigabytes of storage within them (USB Stick, Smartphone etc.)

• In the absence of control, any user can connect almost any storage device

• Communication devices like 3G/LTE modems are also a commodity

Controlling which devices the user can connect to their computer is an essential element of data security!EgoSecure is an effective way to put all these risks under control

Not all Device Control products are the same

• Many vendors have device control functionality in their portfolio

• Some solutions are very basic and not flexible enough

• Others are feature rich and highly secure but not easy to work with

In the next slides we will see what we need to take into consideration when choosing a Device Control strategy

Storage Device danger

• Users are afraid to use the internet to transfer internal and confidential data as they know that their activities can be traced on the gateway/proxy/firewall level (they don’t know what is installed on the gateway)• They believe that local file transfers are not monitored

• Many workplaces with high security requirements (e.g. banks) are disconnected from the internet or have very limited set of external resources which can be accessed

• But still local file transfers are not always monitored

• Very often the usage of external storage devices is not permitted but users still can violate the rules as there is no control and no policy enforcement

External modem danger

• Many corporate sub-networks have no access to the internet for security reasons

• … or web-sites not related to their work are blocked on the proxy/gateway level

• But still users want to access their favorite internet sites like Facebook etc.

• Some users can bring external communication devices and access internet and their favorite web sites directly

• It is not only the question of their productivity• Direct connections of workstations to the internet bypassing

existing firewall/gateway security policies pose extra risk to the whole corporate LAN

EgoSecure offers simple yet effective control of all communication devices

CD-ROM/DVD-ROM danger

• We think that the CD is out-of-date• But many computers are still equipped with CD/DVD drives• Quite often they are only used during initial system

installation, to install device drivers etc.• Often they are not really needed but they are “still there”• Nowadays almost all of them are really CD-RW/DVD RW• Simply, many vendors don’t produce read only CD-ROM

devices any longer • Which means that any user can bring blank disk and transfer

files there• Majority of companies don’t have any policies to restrict the

usage of such media• Or apply read-only permissions to read/write devicesWith one click EgoSecure can eliminate such risks by blocking or applying read-only policy to CD/DVD RW drives

Security without stopping business

• Administrators need to enforce strict security• The flipside of this is that it can block some important business

activity • E.g. the user is on a business trip and he needs to connect to

the internet but 3g modem and Wi-Fi are blocked by previously enforced policy

• Or the user needs to share a contract or some other documents with prospects but there is a policy to block removable media

• EgoSecure offers a set of options for administrators and users to roll back any policy

• Even on offline computers using unblocking codes• In the absence of such tools administrators are simply afraid to

enforce security policies• Which means no security at allEgoSecure combines high security and flexibility

Access query in EgoSecure

• User cannot change the policy by themselves

• This is the responsibility of administrator

• But the user can create request when he needs something which is blocked through the current policy

• Administrator will confirm this request if it is appropriate

• EgoSecure supports role-based management, so this can be done by the employee’s manager

• EgoSecure has built in helpdesk system which simplifies the life of both users and administrators

Access query in EgoSecure

User creates request inside the agent

He explains which device he needs to access

And what level of access he needs

After that he explains why he needs this

Administrator receives request

If he finds it logical he approves it

With one click

New policy will be created and the user will receive requested rightsSimple and fast! Minimum effort!

Offline Endpoint management in EgoSecure

Administrator generates unblocking code for the user to allow temporary access

User enters this code in the agentAnd receives required permissions. Even offline!

Offline Endpoint management

• Not all security vendors have options such as unblocking codes• Some of them have a passwords to switch off the security

solution completely • With EgoSecure it is possible to roll back the policy only in the

desired area, leaving other protection tools up and running

• Other vendors have an option to send new signed policy file to such users

• But sending a file is not always possible:• Policy blocks communication devices e.g. 3G/LTE modem• Or blocks WiFi• Or simply no internet connection is available

With EgoSecure the administrator always controls the situation!

Windows Group Policy as a Device Control tool

• There are many ways to control devices• Windows Group policy is one of them • In theory it is possible to control devices using Windows

Group policy without any 3rd party software• But this approach has certain disadvantages• Some 3rd party products are also using Windows Group

Policy as a mechanism • Unlike them EgoSecure uses it’s own communication

between the EgoSecure Management Server and the EgoSecure Agent

Windows Group Policy

• Windows Group Policies can be used to control which devices the user can connect to his corporate workstation

• But there are known issues with this approach:• Changed policies are not applied immediately • By default, policy is updated every 90 minutes• Or the user needs to logoff and login back• Or the user needs to open Start->cmd > gpupdate

• And also:• This will not work on non-domain computers• This will not work if the computer is not connected to

the corporate network (the user is on a business trip or working on the road)

Granularity of Policies

• Many solutions include basic device control features• Just the option to block the whole removable device class

• E.g. this is the only possible option with Windows Group Policy• As well as with many 3rd party Device Control products

• In EgoSecure more granular access is possible• It is possible to allow only certain devices based on their Hardware

ID, Serial number etc

• In EgoSecure it is possible to scan chosen computer or group of computers and find devices used

EgoSecure Device Control • Maximum security• High flexibility according to business needs• Policies are applied immediately • Built in Helpdesk system reduces the efforts to manage

security policies and adjust them to business needs• Full offline management through unblocking codes• Saves time of users and administrators• Granular policies

EgoSecure is the most flexible and friendly Device Control on the market

QUESTIONS ?

EGOSECURE GmbH

Pforzheimer Str. 13476275 Ettlingen/Germany

Phone +49(0)7243.354.95-0Mail contact@egosecure.com