Safend ProtectorPort & Device Control and Removable Media Encryption
Safend Protector Overview:
- Protect your enterprise from data leakage and theft
- Eliminate targeted attacks via physical and wireless interfaces
- Enable connectivity and productivity without compromising security
- Enable compliance with regulatory, data security, and privacy standards
- Deploy and manage a single agent for all data protection needs
Endpoint Data Protection - Challenges and Risks
Industry statistics consistently show that the most significant security threat to the organization comes from within. With over 60% of corporate data residing on endpoints, gateway solutions and written security policies alone can not mitigate the risk.
Growing numbers of removable storage devices, physical and wireless interfaces and users with access to sensitive information have made data leakage via endpoints, both accidental and malicious, a real threat. It’s simply too easy for someone to connect a MP3 player, digital camera, or memory stick to an enterprise endpoint and walk away with sensitive data. It’s just as easy to use WiFi or a 3G modem to bridge classified internal networks to open external networks.
“An investigation is under way into the disappearance of a computer hard drive which could contain the details of about 100,000 [UK MoD] Armed Forces personnel”. Oct 10 th 2008, BBC
“Average cost per data breach incident was $6.6M and the cost per record was $202 in 2008”. Ponemon Institute
“Information breaches trigger an average 5% drop in company share prices. Recovery to pre-incident levels takes nearly a year”. EMA Research
Stop Data Leakage through Physical Ports and Removable Media
Safend Protector is the industry’s most comprehensive, secure and easy-to-use endpoint data protection and data leakage prevention solution - controlling every endpoint and every device, over every interface.
Safend Protector monitors real-time traffic and applies customized, highly-granular security policies over all physical/wireless interfaces and external storage devices.
Safend Protector detects and allows the restriction of devices by device type, model or even specific device serial number. For storage devices, Safend Protector allows security administrators to either block all storage devices completely, permit read-only or encrypt all data. It also monitors, blocks and logs files that are downloaded to or read from these devices. WiFi controls are based on MAC address, SSID, or network security level.
Security Policy - Flexible Strategy, Simple Implementation
Different organizations have different needs and different corporate cultures. That’s why Safend Protector allows administrators to first choose their endpoint security strategy, and then implement it in line with their unique organizational needs.
Safend Protector creates forensic logs of all data moving in and out of the organization, allowing administrators to create policies that don’t necessarily restrict device usage, but allow full visibility of device activity and content traffic. Through a flexible management console, Safend Protector allows administrators to create comprehensive and granular endpoint security policies.
Safend Data Protection Suite will protect your organization against endpoint data loss, misuse or theft through its single server, single console, single agent architecture. The award winning suite includes:
Features and Benefits:
- Granular control - detects and restricts devices by device type, device model or unique serial number.
- Data awareness - control the transfer of files both to and from external storage devices according to the file types.
- Removable media encryption - encrypts corporate data in motion on removable storage devices, external hard drives, and CD/DVDs.
- Track offline usage of removable storage - tracks file transfers to/from Safend encrypted devices on non-corporate computers (offline).
- Built-in compliance policies - includes detailed configurations for achieving security policies that are mapped to specific regulatory compliance standards such as PCI, HIPAA and SOX.
- Granular WiFi control - by MAC address, SSID, or the security level of the network
- Anti bridging - prevents hybrid network bridging by blocking WiFi, Bluetooth, Modems or IrDA while the PC is connected to the wired corporate LAN.
- Anti hardware keylogger - blocks or detects both USB and PS/2 hardware keyloggers.
- U3 and autorun control - turns U3 USB drives into regular USB drives while attached to organization endpoints, protecting against auto-launch programs by blocking autorun.
- Flexible and intuitive management - automatically synchronizes with Microsoft Active Directory and Novell eDirectory.
- Interface for content inspection add-on - examines file “content”, before it is allowed to be downloaded to an external storage device.
Protected Physical Interfaces
- Secure Digital (SD)
- Parallel Serial
- Internal Ports
- Infra Red (IrDA)
Protected Storage Devices
- Removable Storage Devices
- External Hard Drives
- CD / DVD Drives
- Floppy Drives
- Tape Drives
- Common Criteria EAL2 certified
- FIPS 140-2 Validated
System Requirements - Agent
- Windows 2000 Professional (SP4 Rollup 1)
- Windows XP Professional (SP1, SP2, SP3) 32 bit
- Windows XP Professional (SP1, SP2, SP3) 64 bit
- Windows XP Tablet PC Edition (SP1, SP2, SP3)
- Windows 2003 Server (SP1, SP2)
- Windows Vista Enterprise, Business and Ultimate Editions (SP1)
System Requirements - Server
- Windows 2003 Server (SP1, SP2)
- Windows XP Professional (SP2) for evaluation purposes only
Download the Safend Protector Data Sheet (PDF).