GFI Software, an international developer of network security, content security and messaging software, has released EndPointScan, a free online service that allows you to check what devices are or have been connected to computers on your network and by whom.
Using this diagnostic tool, you can identify those areas where the use of portable storage devices could pose a risk to the integrity of the company’s systems and data.
The uncontrolled use of portable mass storage devices such as USB sticks, CDs, floppies, smartphones, MP3 players, handhelds, iPods, digital cameras coupled with data theft techniques such as ‘pod slurping’, are a major threat to network security and could lead to security breaches, data theft, viruses and other malware being uploaded to a company’s network.
Earlier this year, for example, a scientist who worked with DuPont was arrested after he had copied $400m worth of commercially-sensitive information from the network. This is why it is vital for you to know what devices have been or are currently in use on your company’s network and to be in a position to take action where the risk of a breach is high.
Security companies, including GFI Software, have long warned of the risks of portable storage devices and how vital it is that companies do something about it. Knowing what devices are on your network and the threat they pose is the first step towards minimising these risks and this is what EndPointScan diagnostic tool is designed to do.
Unfortunately, many businesses are unaware of or ignore the threat until something actually happens. According to research conducted on behalf of GFI Software, 35% of 370 UK companies surveyed said they considered portable devices to be a massive risk to their company’s security.
However, 83% of employers said they provided devices such as USB sticks, PDAs and Blackberrys to their staff. It is even more worrying to note that even though 51% said they know who uses these devices at the office, 71% do not log what files are transferred to and from the network. For all they know sensitive and confidential data could have easily been stolen from the network.
“Over the past few months, we have strived to create awareness on this issue and the launch of this utility is aimed at helping administrators to examine device usage on their network and act accordingly to reduce possible future risks. We have made it a point to keep the utility as simple as possible and easy to use.”
Andre Muscat, Director, Network Security Products at GFI, said. “Our main message is that the cost to take the necessary action to manage risk is much less than the costs involved reacting to a particular incident. We believe that an endpoint security solution such as GFI EndPointSecurity product is a must in today’s highly networked corporate environment,” he added.
EndPointScan carries out granular checks across all types of ports such as USB, Firewire, Bluetooth, Infrared, PCMIA and Wi-Fi on all machines. This utility provides complete and thorough information about all portable devices and can scan multiple computers simultaneously.
EndPointScan is fully compatible with existing network management or administrative tools such as Active Directory and it will also work on Vista systems.
“To use EndPointScan all that administrators need to do is install the ActiveX control when prompted and run the scan. There is very low resources consumption and endpoint audits have a negligible effect on network performance,” Muscat said.