Control Access to Removable Media

PCQ Bureau
New Update

While USB drives, PDAs, DVDs, etc have made data sharing convenient; they

have also increased the risk of data theft. DeviceShield provides security

against this by controlling access to removable media devices. It can block

access to ports such as Infrared, Parallel, PCMCIA, Serial, USB, Wi-Fi and

FireWire. It supports devices such as Apple iPod, Blackberry, DVD/CD drives,

modems, PalmOS devices, tape drives and USB peripherals. It can also be used to

prevent users from transferring files of a particular type such as PDF, Doc,

etc. DeviceShield defines access privileges, based on policies. The management

of access privileges is done through a central console. These access privileges

can be granted based on domain, domain group or an individual user. It can also

import users from Windows Active Directory. DeviceShield can be installed on a

server or an individual machine. You can also do an audit from DeviceShield and

find out details such as the persons using removable media and the type of

device being used.

Direct Hit!
Applies To:

IT managers

Price: Rs 45,000 approx for 100 PCs

USP: Secures against threats from removable media devices

Primary Link:

Google Keywords: removable device access control

Deploying DeviceShield

You can install DeviceShield on a separate Windows machine and when you start
for the first time, a wizard detects the machines running on your network. For

this you can choose whether the wizard should do a NetBIOS or TCP/IP discovery

or both. Next click on the Discovery button to make the wizard search for

machines. Now the wizard will automatically add all discovered machines to its

database. Next the wizard asks you to define the default policy for all users.

Here choose which ports and devices you want to allow or block permanently. For

eg, if you want to block USB devices, select USB devices from Ports menu and

move it to selected devices. Now the wizard will ask you to set an access policy

for the device. Here you can choose from enabled, disabled and restricted. Now

finally the wizard will ask you on which domains and machines you want install

the DeviceShield client. You can just uncheck the machines, on which you don't

want to install the client and click on Finish. This process will deploy the

agent with policies on the machine that you have selected.

In DeviceShield, you can restrict the type of files transferred to a removable media based on extensions

To customize policies for users, go to the DeviceShield main window and click

on Policies tab. Here, click on a new policy, wherein you would be asked for the

user/group to apply the policy. Now on Authorized/Unauthorized ports and Devices

menu, you can choose devices the user will have access to. Similarly, you can

configure device models of specific brands, which will override default

restrictions. When the user authenticates from domain, the policy automatically

gets attached to it.