Comprehensive Content Control Needs Three Layers

The first line of defense in most content control solutions is a gateway that monitors and blocks information leaks as they travel through the network and out to the Internet. Comprehensive detection and prevention increasingly requires two additional layers of protection: device control and application control.

By devices, we mean anything at the physical or wireless end point of the network –- desktops, laptops, USB devices (iPods, memory sticks), CD/DVDs, Wi-Fi, etc. Controlling the end points ensures that portable media are not used to download sensitive information and take it out of the facility where it can be stolen, sent to competitors, or compromised in other ways.

Application control means designating which company programs are authorized to run on the above devices. If users load unauthorized applications they may clash with the company’s standard applications or they may contain viruses. Most USB devices are capable of auto-running applications straight from the drive when it's inserted, so this threat is particularly alarming.

Content control vendors are recognizing the need to provide protection at all three layers. The trend is to forge partnerships with end-point security and application control vendors. A good example of this is PortAuthority's recent partnerships combining Safend Protector 3.0 for end-point security and WebSense's Web Security Suite for application control.

... Nancy Cox

Post a comment

You must be logged in to post a comment. To comment, first join our community.