New endpoint protection products prevent data theft

Enterprise IT administrators didn’t need the recent stories about large-scale data breaches at TJX Co. (network compromise potentially exposing credit data on hundreds of thousands of customers) or Canadian Imperial Bank of Commerce (lost hard drive with personal financial information on 470,000 mutual fund customers) or Nationwide Health Plans (backup tapes with data on 28,000 patients stolen from a lockbox) to convince them that data protection was an urgent problem in need of attention.

Frankly, corporate boards of directors and auditors have been screaming it in their ear about it for a while now.

The biggest problem thus far, has been a dearth of enterprise-ready endpoint protection products that can monitor and lock down data transfers both online and offline without crippling productivity. But with the RSA Security Conference just over the horizon, news of a whole crop of new products due out on the market in the coming months may finally give IT some weapons to address the threats posed by USB stick drives, iPods, and other gaping holes in enterprise network protection.

Last week, CheckPoint’s newest acquisition, PointSec, unveiled PointSec Protector, an enterprise data protection product that combines encryption technology Pointsec acquired with Reflex Magnetics to secure computer ports, storage devices, and e-mail. PointSec started as a mobile data protection company focused on smartphones, PDAs, and other devices. That vision is broadening as employees’ use of personal removable media devices such as USB drives, Bluetooth smartphones, digital cameras, and music players pose a major security challenge, said Martin Leamy, president of PointSec.

The endpoint security news is coming hot and heavy this week, too. On Monday, startup endpoint security firm Provilla Inc. pulled the covers off LeakProof, an enterprise leak prevention product, said Glenn Kosaka, vice president of marketing at the Mountain View, California firm.

Taking a page out of Google’s playbook, Provilla offers a free version of LeakProof, dubbed LeakSense that will allow firms to see data transfer activity on their endpoints.

The new solution uses data fingerprinting technology, which Provilla calls “DataDNA,” to tag sensitive data. DataDNA allows policies to be attached to specific pieces of information rather than whole documents. Policies are monitored and enforced by client software installed on the endpoints.

A DataDNA Server appliance acts as a central management console for configuration of policies and creation of DNA signatures from sensitive content. The Server scans network-attached storage and servers as well as all endpoints to find sensitive content in both structured and unstructured format. A Management Dashboard allows administrators to create and maintain security policies, view alerts and summaries of suspicious activity, and monitor the status and health of endpoint agents, the company said. Benjamin Powell, a senior IT security analyst said his employer, a large financial institution, is deploying the LeakProof product in production for around 1,000 users after trying the product in beta for 11 months.

The company will use Provilla to monitor source code and data files and some types of data elements like credit card and social security numbers, he said.

Powell said the product was much needed, given that network based protections are easy to circumvent using USB devices or Bluetooth connections. However, Powell is looking forward to an update that will introduce login-based rather than machine-based privileges and policy enforcement, and a way to deal with offline policy exceptions, he said. The drumbeat on data protection has been beating steadily for months now, as news about lost or stolen laptops and lost employee and customer data cast an unsavory light on the likes of HP, Starbucks, MCI, the University of California, and the Veterans Administration.

Those headlines have auditors pushing hard for companies to address the data leak problem, said Steve Roop, vice president of marketing at data protection firm Vontu, which is planning to announce its own major product upgrade on Monday.

“The big trend we’ve seen in the last six months is that auditors are giving very specific dates to do scanning, clean up data shares, and remove confidential data,” said Roop.

Data theft and data protection are going to be major themes at the annual RSA Security Conference in San Francisco, which kicks off on Feb. 5, with more news from data protection news from companies like Tizor, Imperva, AppSec Security, and others on tap in the days and weeks ahead.

Click here for additional resources: Endpoint Security White Paper