In the wake of the increased focus on endpoint security, controlling the use of devices that can be attached to endpoints, especially memory devices like USB memory sticks, has become of paramount importance to companies. While this is good elevation of awareness to a relatively new threat it should be pointed out that this threat does not exist in this format alone. Dozens of new and existing vendors have appeared in this space touting their products as being the next ‘must have’ security product in a network. Many of them offer granular control that allows specific devices to be used by specific individuals at specific times. It is important for companies to understand the difference between hype generated by vendors and the reality of how a threat can enter and affect your network. With so many vendors offering device control and protection against using memory devices, the wave of misinformation is influencing companies to make rash decisions into purchasing point solutions.<\/p>\n","protected":false},"excerpt":{"rendered":"
For most companies it is either the theft of proprietary or confidential\/classified information or the injection of malicious code or surveillance software into the corporate network. If this is the case then memory devices attached via the USB port is not your only worry.<\/p>\n
Take the problem of installing malicious code into a network, and please note that malicious code can be as small as a few Kb. Device Protection solutions are not able to identify malicious code inside the network or prevent it from being introduced into the network other than by a single method alone.<\/p>\n
If it is preventing classified information from leaving the company that you are trying to achieve then controlling the use of the USB drive and other I\/O devices is only going to give you a partial answer. In cases like these where device protection vendors claim to stop confidential information leaking to unauthorized parties, they are merely marketing their solutions to you and avoiding the real world scenarios. <\/p>\n
To put ones faith in a single security solution that gives full granular control of any type of attachable memory device is flawed.<\/p>\n
http:\/\/www.it-observer.com\/articles\/1168\/endpoint_device_control_dont_believe_hype\/<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-140","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/140","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=140"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/140\/revisions"}],"predecessor-version":[{"id":2627,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/140\/revisions\/2627"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=140"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=140"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=140"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}