Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

How to ensure your network security

Complement your monitoring with endpoint security

Article comments

When I visit my company's overseas offices, I'm often asked what we can do to control USB ports and other external connectors in order to prevent the loss of intellectual property. That's a goal I'm always interested in pursuing.

I would say that at this point we have a fairly mature network data leak prevention (DLP) infrastructure. Not that it's near where I would like it to be. We don't have 100% coverage of every egress point in the organisation. We're not monitoring our internal LAN traffic, and we don't have all the product divisions signed up to use our DLP tools. But I still consider the infrastructure mature, since we have processes in place for monitoring the network and conducting investigations once we do implement endpoint security technology.

Trouble ticket

  • At issue: The company's intellectual property has to be secured
  • Action plan: Endpoint technology is attractive in theory but hard to implement. For now, port blocking might be all that can be done

A strong case can be made for doing that, but implementation can be a nightmare. I have the battle scars to prove it.

A couple of years ago, we were swept away by the sales pitch from a fairly new vendor whose offering, it turned out, was rather immature. We decided to try it, and the only good news about what happened next is that the deployment was limited.

Deploying endpoint technology is never easy, and that may be especially true in my company. With so many engineers, we can't maintain a standard operating system profile across the enterprise. And because users have administrative access to their PCs, they are free to install programs. That makes it difficult to keep up with what applications need to be tested with the endpoint DLP technology. Finally, our engineers are often engaged in computer-aided design and source code development, which are intensive applications.

In any event, thinking we had a stable release to try out, we decided to remotely deploy the start-up's technology to our development office in Moscow, where we have 50 software engineers. Many of those engineers' PCs froze or blue screened. We lost several development cycles as a result and missed the launch date for one of our products.

Naturally, we abandoned that project, but to this day many people here get a bad taste in their mouths if endpoint DLP is brought up, and the mere mention of that vendor's name makes some of us cringe.

No disruptions

The problem is that endpoint software is a disruptive technology, since it works by intercepting system calls and replacing other system files. It has to do this if it's going to identify, track and secure data at rest, in use and in motion, no matter what application is used. And it needs to be aware of every application in use in the enterprise, including Exchange and webmail, instant messaging, Skype and Windows File Sharing, as well as the movement of data to CD, DVD or USB devices. And the technology needs to be sophisticated enough to allow the use of benign USB devices such as keyboards and mice.

Join in

Yet another roadblock to endpoint DLP adoption is that the technology isn't one-size-fits-all, it needs to be tuned to each set of employees. Managing that sort of thing would take additional staff and new training for the help desk. So, although we're currently evaluating some DLP vendors, I'm inclined to look elsewhere for the protection we need right now.

One option I'm considering is port blocking. I'm going to start looking at vendors in that market, including Trend Micro, which is our antivirus and antispyware provider. It could be convenient if we can do it all from one Trend Micro Control Management console. But I would be remiss if I didn't check out other vendors as well.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *