Centennial Software has released software that can control the use of portable storage devices on enterprise laptops.
Version 4.5 of DeviceWall enables network administrators to track what users do with specific files and grant temporary access to storage devices such as USB flash drives, either at specific times or for a given amount of time.
DeviceWall can now record read/write/delete/rename actions done to a given file or group of files. So when a user’s laptop reconnects with the corporate network, the agent code passes this information to the DeviceWall management console.
Although the data currently has to be called up by an administrator, future DeviceWall versions will create a set of alerts so that
administrators can be notified automatically if unauthorised actions are taken on specific files.
The new version also refines the control over USB flash drives and other storage media. The previous version could block the use of such devices, including U3 smart USB drives or DVD drives, but an administrator could temporarily unlock the device at a user's request.
In the latest version, administrators can schedule temporary use, at specific times on a given day, or grant use for a specified time span. After that, DeviceWall would restore and enforce the standard enterprise security policy for the devices.
It may be early days, but this sort of product, locking down the usage of USB drives, is just the sort of thing hard-pressed security teams probably pray for. It’s not enough bemoaning the problems of portable data through USB drives. Find a way of locking them down.