Micro Security and the Assured Business

Content Copyright © 2006 Bloor. All Rights Reserved.

We have already talked through the transition businesses are going through as they realise that working on macro security only fixes one problem—the perimeter.

Sure, securing the perimeter is vital but all you need is a micro security problem for your entire Assured business infrastructure to come tumbling down.

The ubiquitous use of USB memory sticks has been a real boon to users. Forget floppy disks, nearly everyone is using USB devices to store and transfer data. In fact it would be an interesting experiment to stand at a mainline railway station in any European city during rush hour and see how many people have a USB drive tucked in a pocket or bag.

I would suggest it would be a very high percentage.

Couple that research with a count of how many commuters also have an MP3 player and/or a smart phone and I think you must be up into the high 90% figures.

Whilst this is great news for users, it is a massive nightmare for the IT security team running a desktop estate. Each PC in the estate would have at least one USB port and more often multiple ports.

You may as well put a sticker above the port saying “Insert memory stick to destroy the Assured business”.

The most basic response to this problem has historically been to turn off the USB ports as part of the corporate OS build and have done with it. Whilst at one level this solves the problem, it is like having a bank vault stuffed full of gold and no door—sure, the gold is secure, but access is going to be a nightmare.

Better to have controlled use of USB devices so that those with a business requirement to move data can do so securely and conveniently whilst the powers that be can control what data is going where. And of course not forgetting our friends the compliance laws that demand you have an audit trail on your sensitive data.

Tying together the access control of USB ports with USB flash drive encryption is a company called mSystems.

The mTrust flash drive is a corporate version of the consumer memory stick with additional features. The data on the stick is encrypted with a 256-bit hardware key with password protection and a software agent that prevents brute force hacking of the device. Any more than 10 attempts to enter an incorrect password will see the device locked out.

mTrust shield is an end point agent pushed out across the corporate estate to block any device from working with the local USB ports—including memory sticks, cameras or any other USB enabled gadget. The technology can also stop data being burnt to CD/DVD, being sent via infrared or being printed out.

mTrust Manager is then run by the systems administrator to determine who can access USB drives and what exactly they can do with the drive once it has been inserted into a PC. If the drive is used in a remote PC it will force the PC to contact the mTrust Manager to confirm that it is able to work on that PC—no authorisation, no access.

In addition a USB stick can be remotely stunned if it is believed to have been compromised.

With this level of USB device control the corporate IT function can at least start to take back ownership of their assets and put an end to the terabytes of insecure data that dangle around the necks of employees as they go home.

This can only be good for the Assured business.