A Bank Implements Encrypted USB Drives for General Use with Security and Management Features.
For A Bank, using USB drives is unavoidable. The concern is that they do not wish to let their employees to use any kind of USB drives since the bank would not be able to track, monitor, or control the USB drives, not to mention the danger of leaking private information stored on USB drives, if they are either lost or stolen.
Thus, they are looking for a solution that can still allow their employees to use the USB drives while maintaining high levels of manageability, control, and security, in and out of their network.
- Ability to control USB drives remotely within the internal network and on the internet
- Restrict specific USB drives from usage outside of bank domain
- Easy integration and deployment
- Auditing and monitoring capabilities
- Anti-virus protection
- Ability to restrict specific file types from being stored on USB drives
Secudrive USB management system has all the features that are required by Bank A, helping them to completely monitor and control all USB drives and usages.
SECURITY INSIDE AND OUT
Bank A wanted separate servers for the USB drives, in and out of their network. So we installed our software on two servers, one within their network and one on the DMZ to communicate with USB drives that are out of the network. Secudrive USB Management Server can be registered to two separate servers, allowing the administrator to switch between the servers if needed. Furthermore, they can set up policies to:
- set USB drives to be functional only within the bank network, but not outside.
- set USB drives to be functional only on computers within the authorized domain.
REMOTE CONTROL AND MONITORING
Bank A can monitor and control all USB drives completely and remotely. They can change and update security policies at any time while monitoring and logging USB drive activities real-time. Therefore, the administrator can remotely wipe the USB drives that are lost or stolen, ensuring that all data including stored data, encryption keys, manager information, and all the smallest data are completely destroyed. The USB drives will also be rendered unusable until they are reinitialized by the management console. Remote features also include useful tools such as password resets and file transfers.
FILTERING AND MALWARE
Secudrive USB Basic+, along with other manageable USB products, can be set to filter out specific file extensions. This feature prevents possible infections or corruptions to the bank systems by setting the USB drives to restrict unrecognized file types from being stored. It also gives the administrators more control to approve certain file types to enter the USB drives. In addition, all Secudrive USB drives are equipped with Trend Micro Vaccine program to prevent any virus or malware infections, which can be transferred through USB drives.
Secudrive also provides local pattern updates to update Trend Micro Vaccine for all USB drives simultaneously, since Bank A blocks internet access for their users.
Considering Bank A’s significant position in the industry, it is rather unreasonable to have the manager register and set up more than 200 USB drives and their user information. Therefore, UMS 3.0 integrates with Windows Active Directory (AD). This integration provides the administrator the solutions to distribute the USB drives to the users, notify the users to log in to their PCs with their AD accounts, connect the USB drives, and log in to set up the USB drives with their individual AD accounts. This method supports individual USB drive set-up by the users themselves, instead of numerous and cumbersome USB drive set-ups by one or two administrators.