Mobile employees can be a pain in the neck. Whether it's preventing unauthorized use of thumb drives to take files home at night, or keeping tech-savvy workers from skirting network policies, keeping the rank and file in line while online can be a headache. But it doesn't have to be.Yesterday, InformationWeek writer Larry Greenemeier outlined a number of the issues facing IT with respect to security. The biggest problem facing enterprise security is that people are people. Many employees don't like access to their work machines or the Internet controlled or restricted by their employers. Put a wall up that blocks them from where they want to go, and they'll find a way to get over or around it. Given peoples' propensity for being lazy, rebellious, or just plain stupid, IT departments have to employ security tools to keep their networks from being overrun by those up to no good. This is even more imperative for employees who use company computing assets outside of the firewall. Luckily, such tools are readily available.
One that combines a number of protective schemes is Device Protection Online from iPass. IPass has traditionally provided companies with a secure way to connect employees to the Internet, be it via dial-up, Ethernet connections found in hotels, Wi-Fi hotspots, and even 3G wireless. This new subscription-based service mitigates the risks related to use of the Internet, USB ports, and rogue applications. The good news is that IT departments don't have to shell out for new equipment. The service can be bundled with iPass's existing offerings for a per-user monthly fee.
Aside from the usual assortment of policy management, application protection, and Internet restrictions, the service offers a complete USB lockdown. It blocks output of data via USB ports, blocks the read, write , and execute permissions on removable drives, and disables unapproved devices. That'll prevent employees from pulling potentially sensitive data off their machines and passing it to others. Or losing it. With the number of iPods and other mass-storage devices permeating corporate environments, this is key.
Now if only IT can convince people to stop using "password" as their password...