My original article was about the issues of locking down USB devices, which I thought at the time was the key issue. But actually, the issues over portable devices extend beyond just USB thumb drives - they include access to floppy disks, Wi-Fi devices, serial/parallel/USB/FireWire ports, etc - anything a user can plug in. The question is how do you restrict people who shouldn't use external devices from doing so, while allowing those who should to have only their appropriate access? It's one more security nightmare, especially since, as Mitch points out, if XP has a driver for the device, an unprivileged user can simply plug it in and away they go.
In a blog article for the UK Security Business Blog, I took a look at one solution: Ecora's DeviceLock. It has an auditing capability to audit user activity for a particular device type, a nice management tool, Group Policy integration and the ability to communicate through the firewall. The cost is $35/host (based on 1-49 hosts, off the US web site - UK firms would presumably need to add VAT). I assume deals can be done for larger numbers, or multinationals, etc.
Interestingly, after posting this article, I discovered another product called DeviceLock from a company called Slimline, the author of the product sold by Ecora. And for more information, TechRepublic has an on-line review of this product. From my quick calculations, the prices on SlimLine's web site are lower than Ecora's.