Many organisations are becoming increasingly aware of the risks of data being stolen or compromised from endpoints such as pcs, laptops and smart phones. Endpoint security solutions provide means of limiting this damage using various data loss prevention methods. As an example, full disk encryption ensures that in the event where endpoints such as notebooks are stolen or lost, the data on the hard drive cannot be extracted since it is protected by what is known as pre-boot authentication which ensures that stored information will only be accessed once the correct credentials are supplied to the system.
Apart from disk encryption, endpoint security provides network and application firewalls that control how users can access different applications and also which applications are allowed to process and send information. This would for instance protect users from accidentally running malicious code that sends confidential information to non-intended recipients.
Control of information flow from removable media and usb keys is also important. With today's solutions one is not just limited to blocking all interface capabilities of the endpoint (for instance disabling usb interfaces) which might result in an annoyance to the end-user. There are ways and means to identify the types of devices that are being used, for instance certain types of usb keys but not others. Systems can thus be configured to protect information stored on this media by means of encryption to avoid data leakage in case this media is displaced.
At the highest level, one can also choose to monitor the content of the information within recognised filetypes and control the flow based on the level of confidentiality this was classified to.
The links below provide an overview of solutions from our partners: