Industry-Leading Solutions for Mobile Data Protection
Preventing Data Leaks on USB Ports
Pointsec Protector from Check Point Simply Regulates Access
and Data for Any Plug-and-Play Peripheral

USB Ports are New Vector for Data Leaks

Organizations are under big pressure to do a better job securing enterprise and personal data. A continuous flow of news stories show that data leaks are widespread. According to the Privacy Rights Clearinghouse, more than 100 million records containing private personal information have been lost or stolen since the massive leak from ChoicePoint in 2005. Odds are the real number is higher due to reluctance by organizations to disclose data leaks or related problems with cyber security.

The public scrutiny, embarrassment, financial and judicial penalties triggered by data leaks has stimulated steady efforts to strengthen security. Among the “most critical issues” are data protection, compliance, data leaks, viruses and worms, and access control, according to a recent survey by the Computer Security Institute and the Federal Bureau of Investigation’s Computer Intrusion Squad. In addressing these issues, enterprises have discovered a requirement to deploy different solutions that solve particular vulnerabilities at each layer of the networked information system.

Enterprises are becoming aware of another significant vector for data leaks that evades control by traditional layered security technologies: the innocuous USB port on endpoint devices.

USB stands for Universal Serial Bus, an interface standard natively supported by popular operating systems such as Windows, Mac OS X, and Linux. USB has become commonplace for keyboards, printers, televisions, home stereo equipment, video game consoles, and storage-related devices. Unfortunately, the technology that has streamlined the operational cost of interconnection also has become a critical point requiring the attention of security administrators.

The last category is a point of danger for data security because people constantly plug personal storage devices into their work PC to upload music, wallpaper images, or transmit digital photos over the Internet. Their intent may be innocent. But the ability to also siphon off corporate data from an endpoint through the USB port onto a portable storage device places organizations at considerable risk.

How USB Exposes Endpoints to Leaks

A standard corporate desktop PC may have up to eight USB ports. Some are required for peripherals such as a keyboard or security token reader, but there are usually one or more unused ports. By default, USB ports are “always on,” ready to serve any USB-enabled device that is plugged into the endpoint computer.

An enterprise may chose to disable USB via the Windows Group Policy and an ADM template. Unfortunately, this capability is an all or nothing policy and does not provide administrators with granular control. This approach is limiting because of the need for USB capability on the endpoint.

Ease of Data Movement with USB Storage

A typical device in this category is a USB flash drive, which stores digital files on NAND-type flash memory. The flash drive may also be called a “USB key,” “pen drive,” “thumb drive,” or “chip stick.” When a flash drive is plugged into an endpoint’s USB port, the endpoint computer’s OS automatically recognizes the device, loads its device driver, and enables file transfers with Windows Explorer or similar applications. Some endpoints may allow execution of programs that are stored on a flash drive.

The USB flash drive appears to a user exactly like another internal drive on the endpoint computer, making the plug in capability ideal for sneaking out sensitive data from the enterprise. The flash drive is not the only USB device capable of swift and secret data theft. Users may employ any of the USB storage devices mentioned above for the same purpose.

POD Slurping and Other Techniques

Stealing data with USB storage does not require a long script. One simply plugs the USB storage device into a USB port, fires up Windows Explorer and drags target files onto the storage device. This action can be performed by a malicious insider, or even a well-meaning insider who is trying to do their job but is unaware of security policies that might otherwise prevent a data leak.

One of the most popular USB storage devices is the iPod. Consequently, some people have coined “Pod Slurping” as a hip term for transferring files to a USB storage device.

A synonymous term is “camsnuffling,” which applies to using a digital camera to photograph documents or objects and then transfer them to an unauthorized recipient. Likewise, “bluesnarfing” entails stealing data from a wireless device through a Bluetooth connection.

Whatever the term, it’s very easy to move digital files from an endpoint to a USB storage device. And once data has moved to a small storage device, it’s usually easy to carry it outside the enterprise and on to nefarious use by unauthorized people.

A Simple Solution for USB Port Security

Pointsec’s Protector is a simple software-based solution for enterprise-wide control of storage device access through USB and other I/O ports, and of the data flowing through those connections. It provides a policy-driven port security system to a system administrator for granular control of USB access to endpoints that denies all access (black list), provides read-only access or allows full authorized access (white list).

The level of control is configurable by a security administrator, which is critical for striking the best balance between security and cost. In some enterprises, implementing a rigid security policy puts new strain on end user work patterns. Pointsec’s objective is to offer a customized endpoint security solution that minimizes changes to end user behavior, while also addressing the most critical elements of your security policy.

Learn More

Pointsec Mobile Technologies, the global leader in mobile data protection, invites you to contact us for more information about Pointsec Protector as a simple solution for enterprise-wide port security. Deployment is rapid, automatic and non-intrusive. Centralized management and operations makes Pointsec Protector an efficient, cost-effective way to control data leaks through USB ports. Pointsec is a Check Point Software Technologies company.

About Check Point

Check Point Software Technologies Ltd. (www.checkpoint.com) is a leader in securing the Internet. The company is a market leader in the worldwide enterprise firewall, personal firewall, data security and VPN markets. Check Point's PURE focus is on IT security with its extensive portfolio of network security, data security and security management solutions.

To learn more, please contact your Akibia sales representative at 508-621-5100, or visit www.checkpoint.com/products/datasecurity/protector/index.html.