Lambert, though, stresses that controlling the use of USB devices is not the be-all-end-all answer for all organizations.
“These devices have their place and most organizations cannot simply forbid their use,” she said. “For that choose to allow them, there are encryption technologies designed for USB devices so that regardless of the data going on the devices, it will be protected.”
McAfee and Check Point Software Technologies Inc. of Redwood City, CA are among the vendors operating in this area. Alternatively, she suggests the option of using only specific storage devices that are designed to be encrypted such as those offered by SanDisk Corp. of Milpitas, CA.
“Taking all these technologies into account when allowing USB storage will bring much more control and security to the environment,” said Lambert.
While tools, policy and IT vigilance are certainly important, there is perhaps one more element that really can’t be done without when it comes to endpoint security – user education.
“The best protection against endpoint vulnerabilities is education of the end user, since the more they know and understand the vulnerabilities and policies, the more secure their endpoints will become,” said Kyle McGrane, a security specialist at CDW Corp. of Vernon Hills, IL.
“Stringent data management procedures, effective training and awareness programs, adherence to policy, and an investment in security technologies as basic as encryption would represent a quantum leap forward for many companies,” he said.