Research suggests that around 75% of all firms have drafted and distributed some form of Acceptable Use Policy for their computer users. But with 70% of IT security breaches and identities thefts now occurring behind the firewall, organizations need to revise their security policies to address the proliferation of personally-owned portable storage devices in the workplace.

Specifically, organizations need to ask themselves if it is time to:

• Limit the use of portable data storage media and devices except with specific authority
• Prevent MP3 Players being connected to PCs
• Restrict the connection of personal PDAs to company-owned computers
• Block the connection of mobile phones and cameras to corporate PCs
• Limit the capacity of data storage devices issued by the organisation
• Amend definitions of ‘misconduct’ within appropriate HR policies to reflect the new issues facing organisations as a result of these lifestyle devices

An effective policy enforcement solution

As all security managers know, a policy is only as good as the mechanism used to enforce it. DeviceWall enables organizations to actively enforce Acceptable Use Policies by managing the connection of removable media devices to corporate desktops and laptops based the established requirements of individual users, groups and business units.

DeviceWall allows the legitimate use of approved devices by authorized staff ensuring that business productivity is not affected while actively guarding against the removal of data or the introduction of risks to the network by unauthorized parties.

Organizations can choose whether to run DeviceWall in “silent” or “high visibility” modes. In high visibility mode, DeviceWall displays admin-configurable messages to remind users that the security solution is active and what their individual privileges are. Silent mode provides the same level of security, but without the DeviceWall-generated user notifications.

DeviceWall can be quickly and easily deployed by a single administrator from a central server to the entire local or global network. Centennial Software’s advanced deployment technology means DeviceWall can be deployed across LAN, WAN and email connections.

To cater for those exceptional occasions where an employee will have a legitimate request to be temporarily exempt from a policy (e.g. a sales representative on-site with a customer needs to take information from a USB drive), DeviceWall supports authorized temporary policy over-rides for both online and offline users.

Any effective security solution must include a thorough and accurate audit log which records all policy changes over time. DeviceWall offers both an immediate snapshot of the current policy deployment status as well as a full log of all incremental changes, including the issue of temporary access permissions.