From DeviceLock, Inc.
Firewalls and antivirus software are no defense against acts of data theft and corruption from within your organization at local endpoints. You don't have to be an administrator to connect a small digital camera, MP3 player, or flash memory stick to the USB and begin uploading or downloading whatever you want. If you are a system administrator, you know you can't manage such device-level activity via Group Policy.
Using endpoint device security solution called DeviceLock®, network administrators can lock out unauthorized users from USB and FireWire devices, WiFi and Bluetooth adapters, CD-Rom and floppy drives, serial and parallel ports, PDAs and smartphones, local and network printers and many other plug-and-play devices. Once DeviceLock is installed, administrators can control access to any device, depending on the time of day and day of the week.
For enterprises standardized on software and hardware-based encryption solutions like PGP® Whole Disk Encryption, TrueCrypt and Lexar® SAFE PSD S1100 USB drives, DeviceLock allows administrators to centrally define and remotely control the encryption policies their employees must follow when using removable devices for storing and retrieving corporate data. For example, certain employees or their groups can be allowed to write to and read from only specifically encrypted USB flash drives, while other users of the corporate network can be permitted to "read only" from non-encrypted removable storage devices but not write to them.
The USB white list allows you to authorize only specific devices that will not be locked regardless of any other settings. The intention is to allow special devices (e.g. smart card readers) but lock all other devices. Media White List feature allows you to authorize access to specific DVD/CD-ROM disks, uniquely identified by data signature, even when DeviceLock® has otherwise blocked the DVD/CD-ROM drive. A convenience when DVD/CD-ROM disks are routinely used for the distribution of new software or instruction manuals, Media White Listing can also specify allowed users and groups, so that only authorized users are able to access the contents of the DVD or CD-ROM.
The DeviceLock®'s optional data shadowing capability significantly enhances the corporate IT auditors ability to ensure that sensitive information has not left the premises on removable media. It captures full copies of files that are copied to authorized removable devices, Windows Mobile and Palm OS-based PDAs and smartphones, burned to CD/DVD or even printed by authorized end users. Shadow copies are stored on a centralized component of an existing server and any existing ODBC-compliant SQL infrastructure of the customers choosing.
DeviceLock® Enterprise Server can monitor remote computers in real-time, checking DeviceLock® Service status (running or not), policy consistency and integrity. The detailed information is written to
* Added new optional component - DeviceLock Content Security Server (DLCSS). DLCSS includes DeviceLock Search Server which enables you to instantly search text across shadowed files and other logs stored on DeviceLock Enterprise Server.
* Added granular access control, auditing and shadowing for iPhone and iPod Touch devices. Now you can set permissions for different objects (media, contacts, files, etc.) transferring to/from iPhone/iPod. Also, you can enable auditing and shadowing for objects copying from the PCs to iPhones/iPods.
* Added access control and auditing for BlackBerry devices. Now you can control who can connect a BlackBerry device to a local computer and when they can do it. Also, you can audit any user activity involving the BlackBerry device type.
* Added integration with Lexar JumpDrive SAFE S3000 encrypted flash drives. DeviceLock detects Lexar JumpDrive SAFE S3000 drives and applies special "encrypted" permissions to them.
* Added integration with DriveCrypt. DeviceLock detects encrypted DriveCrypt disks (USB Flash Drives and other removable media) and applies special "encrypted" permissions to them. Using these "encrypted" permissions you can, for example, allow writing only to encrypted removable devices and deny writing to unencrypted media.
* Added optional protection against anti-rootkit techniques that could be used to disable DeviceLock Service. When "Enable Unhook Protection" is checked on the "DeviceLock Administrators" dialog, the DeviceLock Driver controls the integrity of its code. If a violation is found, DeviceLock causes Windows to stop with a fatal error.
* Added support for the TrueCrypt's "File-hosted (container)" volume type.
* Added support for Microsoft Windows 7.
64 MB RAM