Endpoint Protector

Device Control - control of peripheral devices and ports

for Windows, macOS and Linux

All the portable devices that plug into our terminals, while seemingly harmless, are one of the leading causes of security incidents that can cause serious damage to any business. The damage ranges from theft of confidential data to huge fines due to violation of compliance rules and regulations. The device control module is the first layer of security provided by Endpoint Protector. By defining detailed access rights to USB ports and peripherals, device security is enforced while maintaining productivity. This prevents accidental or intentional data loss and leakage, and protects endpoints from the spread of USB malware, BadUSB attacks or viruses.

Features:

• Granular setting of device access rights globally, per group, per computer or per user
• Rights can be created based on device classes making it easy to manage products from the same vendor
• Track all file transfers or attempts to transfer files to different USB devices, providing visibility of user actions in logs
• Save copies of files that have been transferred to controlled devices for auditing purposes
• Allowing file transfers to protected end stations by obtaining a temporary password from the administrator allowing policies to be bypassed in an emergency, for example, for 30 minutes to even days
• Predetermined and customized email notifications about the most important events related to the use of the device
• Monitoring of all device usage activity with an advanced reporting and analysis tool

Controlled device types:

• USB Storage Devices (USB Flash Drives, Sticks, Pen drives, etc.)
• External HDDs (incl. sATA HDDs)
• CD/DVD-Players and Burners (internal and external)
• iPhones, iPads and iPods
• Smartphones and Tablets (incl. Android devices, Blackberry and PDAs) 
• Digital Cameras
• MP3 Player and other Media Player Devices
• Card Readers (internal and external)
• Memory Cards (SD, MMC, CF, Smartcard, etc.)
• Printers

Content Aware Protection - controlling data in motion

for Windows, macOS and Linux

The use of more and more cloud-based services from Dropbox, Google Drive to webmail has increased the number of accidental or intentional data leakage incidents in recent years. Careless employee behavior is actually considered a greater security threat than outside attackers, highlighting the need for close and detailed monitoring of all data sent outside the company. When data leaves the endpoint via the aforementioned applications and services, you need to ensure that the content does not conflict with your policies. This is where the Content Aware Protection module will be perfect.

Features:

• Filter uploaded content by predefined content such as credit card numbers but also custom content such as keywords or custom phrases
• Filter by file type to block specific documents based on their extension, even if modified manually by users
• Whitelisting of files that will not be blocked, as well as domains and URLs such as company websites and e-mail addresses that employees need for their jobs
• Data protection for local and network printers as well as terminal servers
• Monitoring of clipboard tools, i.e. copy/cut/paste and also blocking of the Print Screen function
• Temporary permission to transfer files to disconnected computers
• Predefined and customized e-mail notifications, which provide information about the most important events related to confidential file transfers

Enforced Encryption | Easy Lock - USB forced encryption

for Windows and macOS

EasyLock USB Enforced Encryption in combination with Endpoint Protector allows IT administrators to extend their device control policy and ensure that all sensitive data transferred to USB storage devices is automatically encrypted. Using a secured password, users can securely transfer confidential data and access it on any computers or only on authorized computers. In addition, IT administrators have access to additional useful features such as remotely messaging users, requesting password changes, or wiping sensitive data if a device is lost or stolen.

Features:

• Authorize only encrypted USB devices and ensure that all data copied to removable storage devices is automatically protected
• Creating a master password that allows administrators to access devices in exceptional circumstances, e.g. an employee has left the company and we need to retrieve data from a specific device
• The module uses AES-256 encryption approved by the U.S. government to prevent unauthorized activity and ensure application integrity

eDiscovery - control of data at rest

for Windows, macOS and Linux