Insights from the industry
Kingston Beefs Up USB Drive Security—Somebody's Gotta Do It!
Kingston Technology (http://www.kingston.com) customers told the company that they needed a way to guarantee data security on mobile drives. Kingston already offered DataTraveler Elite (DTE), an encrypted USB flash drive, but its security features weren't enough in some situations.
According to Heather Skinner, Kingston public relations manager, "Customers said, 'Great, but we still need X, Y, Z.'" So Kingston recently released DTE Privacy Edition, which automatically secures 100 percent of the drive's data by using 128-bit hardware–based Advanced Encryption Standard (AES) encryption. In addition to encryption that a chip on the USB device performs, DTE Privacy Edition offers several other advanced security measures, including support for complex passwords and a mechanism that locks out would-be attackers after 25 consecutive failed password attempts.
Netikus Offers Enjoyable Monitoring Tools
Netikus (http://www.netikus.net) founder Ingmar Koecher gave us an enticing overview of his company's unique network-management product, EventSentry. Koecher, who started out as a systems administrator, has strived to create an "affordable, easy-to-use product that IT administrators actually enjoy using," and from the sound of it, EventSentry is firing on all cylinders. The product is unique because of how it "bridges the gap between open-source and expensive commercial solutions," said Koecher. EventSentry's primary components—event log monitoring, system health monitoring, and basic network monitoring—might seem standard parts of a typical monitoring solution, but Netikus also provides open-source flexibility (e.g., with multiple database options), environment monitoring (e.g., temperature, water, smoke), and even a downscaled freeware version called EventSentry Lite.
AppSense Plays Offense Against Malware on Clients
"We're going to be the leader in endpoint-security; we're going to redefine endpoint security," says Martin Ingram, vice president of product management at AppSense (http://www.appsense.com). "The key thing is to be proactive." The AppSense Desktop Security suite moves from the reactive approach of blocking malware according to signatures and blacklists to the offensive approach of "controlling by the known good." Under AppSense Desktop Security, only software installed by administrators is allowed to run by default. Companies can adjust this policy, and in fact, a new feature called Self-Authorizing Users gives designated users more capabilities.
AppSense Desktop Security locks down USB–device ports and certain features for designated users and prevents changes to registry settings. To help users assess the vulnerabilities on their systems, AppSense is offering a new tool—AppSense Security Analyzer—for free on its Web site.Don't Overlook Network Printer Ports
When a large power company became worried that a malicious hacker could leverage a printer port to gain control of the substation relays of its energy grid, TECSys Development, Inc. (TDi— http://www.tditx.com) came to the rescue with an updated version of its ConsoleWorks networkmonitoring application, ConsoleWorks 3.1. The application offers a host of network-security and event-remediation enhancements, including remote security monitoring of the often-overlooked regular network printer ports. "To truly protect a company's computing infrastructure and assets, a security monitoring solution must be able to monitor every device on a network, not just servers and desktops," said TDi CEO Steve Cotton. ConsoleWorks is a Web-based enterprise event-monitoring, event-management, and regulatory-compliance software solution that can remotely monitor and protect most network entry ports. The application analyzes data from SNMP traps, syslogs, and other data feeds; notifies appropriate personnel of potential network breaches; and executes operator-specified actions to automatically avert downtime and potential security problems