DeviceWatch: Endpoint Security - centralized management of interfaces and devices
DeviceWatch provides granular endpoint protection by centrally controlling and managing all the interfaces and devices via black listing or white listing.
DeviceWatch provides solid endpoint protection by means of centralized control and management of all the interfaces and devices via black listing or white listing. Which person, in what situation and in what way is entitled to use a certain device is defined by the corporate security policy. However, these approval criteria for critical actions cannot stand up to all of today’s requirements. Thus, many more criteria can be established to be considered for the approval of an action in real time, including time, system state, active network connections or active processes. For each criteria you can decide yourself – depending on the required security level and administrative procedure – whether to use black listing or white listing.
Personalization of storage media
Removable media like USB sticks can be personalized or users and groups and in addition specific permissions can be linked to the media – no serial number on the media is required to do so. That way inexpensive storage media become secure transport media!
The approval of critical actions can be coupled with algorithmic checks – one time passwords, challenge response, token and many more.
Security Awareness in real time
Many companies wouldn’t enforce “hard” security policies right from the start. Starting “smoothly” with itWatch products lets you train your employees in real time during the use of critical technology. Of course for VIPs in all companies there have to be specially customized solutions in place without the need of any administration – also in these cases it’s advisable to start smoothly and clarify potential risks or liability in real time.
Friendly Net Profiling
Identifying „friendly networks“ in real time via any algorithmic routine as plugin (like VPN status) determines, whether a network connection is terminated or not.
In many cases the difference between special expensive hardware and common products consists only in a few functions like serial numbers, user authentication or automatic encryption on memory sticks. Cost efficient technologies like WLAN cannot be used productively, because off-site security is not guaranteed (friendly net detection). DeviceWatch offers highend functions for inexpensive devices.
Any devices connected to a PC, i.e. via USB, PCMCIA, Bluetooth, Firewire etc., immediately start to communicate – wether desired or not.
Comfortable Plug & Play-mechanisms in Microsoft Windows 2000, XP or Vista do not provide central administration mechanisms. Therefore, security threats occur.
However, removable storage devices are not the biggest risk. Passwords that are exchanged via wireless keyboards - without knowledge of the network department - or insecurely configurated wireless networks are even more critical.
Our partners provide professional support for the implementation of our products in your organization, including the following services:
- risk assessment by means of a target/actual comparison provided by the Device Scanner throughout the network and a final audit report,
- set-up and maintenance of corporate security policies,
- development of customized plugins for our standard products,
- planning of product deployments –we are supporting customers with concepts of operation and planning documents,
- roll-out support