Usually, the goal of intrusions is to obtain valuable information, databases, research data, sales reports, marketing statistics, HR records, etc. The information can be sold and/or used by the perpetrators. Once information is located and duplicated, there are two ways to "carry" it out. The first is to transfer it via the Internet. The second is with physical media: floppies, CDs, external drives (ZIPs, USB drives, and many others), etc.
There are two approaches to solve this problem. The first way is to cut off Internet access and remove all devices that can be used to transfer information (floppy drives, external drives, etc.) This approach is expensive, difficult and impractical for the majority of companies. The alternative is inexpensive software solutions. There are very few such solutions on the market right now and only two or three that deserve attention.
DeviceLock from SmartLine is a one solution that gives network administrators control over which users can access what devices (floppies, serial and parallel ports, Magneto-Optical disks, CD-ROMs, ZIPs, etc.) on a local computer. You do not need to physically remove, uninstall or block any hardware. All you need to do is install the software and assign the appropriate privileges to each user. What you get is full control over which users or groups can access devices depending on the time of day and day of the week, protection against accidental or intentional disk formatting, viruses, Trojans and other malicious programs that are frequently introduced from removable disks.
PortsLock, also created by SmartLine, gives you protection behind a firewall. While most companies are obsessed about possible hacker attacks, Network World reports that between 80 and 90 percent of security breaches originate from within the corporate firewall. An average security breach costs almost a million dollars.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.