Posted by: Tony Bradley
Active Directory, breach, compromise, data, employee, internal threat, leak, USB drive, Zecurion, Zlock
Most IT managers would probably be shocked to learn how much data is leaked or compromised from internal employees–particularly those who are leaving the company.
A recent Ponemon Institute survey of 1000 workers that recently changed jobs revealed that 59% of them did not feel any wrongdoing in taking company’s data when leaving or asked to leave a job. Employees take information such as customers’ data, email and contact lists, employee records, financial records, confidential business documents and other intellectual property.
The economic crisis has exacerbated the problem. The skyrocketing number of workers who have been let go as a result of tough economic times has been accompanied by a similar spike in data theft and compromise. Many workers who still have their jobs may even preemptively horde sensitive and confidential information out of paranoia that they may soon be out of work.
The diversity of portable devices capable of storing huge amounts of data doesn’t make things any easier for IT administrators. Devices like smartphones, MP3 players, digital cameras, and more traditional storage like portable external hard drives, SD memory cards, and USB flash drives provide users with small, convenient, and virtually undetectable tools for transporting gigabytes–potentially even hundreds of gigabytes–of data.
Zecurion has a solution to enforce policies, and protect the data with Zlock. According to the Web site, “Zlock is an endpoint security software solution that was specifically designed and developed to address today’s corporate needs to prevent data leakage by securing and managing various computer ports including USB, LPT, Firewire, Serial, etc. Zlock provides lockdown of computer ports and management console to implement a port/device user access control. User access control, which is based on access control lists (ACL), is tightly integrated with Active Directory (AD). System administrators can take full advantage of the existing AD user groups, which can be assigned various port/device access levels, such as: allowing full access; read only; or denying the access altogether.”
IT administrators aren’t omniscient. They need tools like Zlock to ensure that users can not simply save confidential and sensitive data and walk out the front door with it. Zlock also can also log and create shadow copies of data that is saved or printed, providing a valuable forensic and compliance tool as well.