Why USB drives and CDs are a security risk to your corporate network

Computer network security

It is common knowledge that business organizations need to make significant investments to safeguard their data. This involves protecting the corporate network from external threats and internal parties (employees) as well. This is where effective Endpoint Security (EPS) comes into the picture.

EPS is a network security concept that places the responsibility of each device’s security on the device (end-point) itself. Most corporate networks are accessed via remote devices like laptops or smartphones but each of these devices is a potential entry point for malware and security breaches. The centralized and unifying security solution for these devices is known as Endpoint Security.

The security software is installed on each device but it is centrally managed by a remote server. This server validates logins and also provides real-time security updates, amongst other functions. As more employees adopt a BYOD (Bring Your Own Device) policy, the need for such centralization is more urgent than ever.

Unfortunately, not all business organizations realize the importance of effective EPS. Defining and implementing security compliance guidelines is crucial for operational smoothness and data loss/theft prevention. Here we will highlight a few inherent benefits of EPS software.

What makes EPS features so useful?

Persistent need for constant ‘Device Control’

Irrespective of whether a company follows a BYOD policy or not, one of the biggest network threats are external devices like USB drives and CDs/DVDs. An employee may unknowingly infect the network by using an infected device. Malicious downloads, infected files, corrupted images and other threats can easily spread via portable devices.

Infected USB drive

With cyberespionage and industrial cyber crime on the rise, device control is essential as crucial data can be stolen in this manner. Recently, there were reports where a company’s network was infiltrated because of infected USB drives that were scattered in the parking lot. Some employees found these drives and inserted them into their machines and thus breached the network.

Advanced EPS centralizes security policies that govern the use of USB drives and discs. The administrator can block complete access for discs or give partial or full access to USB drives based on departments and user groups. Data leakages and breaches can thus be avoided. Official USB drives can also be made exclusively accessible only on official machines.

Resource optimization through ‘Application Control’

While many applications are necessary for operations, there are many others that pose security threats or lead to a loss of company resources and waste employee time. Such applications need to be blocked. A useful example of these are Instant Messenger (IM) clients like Google Talk or Facebook chat. IMs are unmonitored entry points for malware so controlling them centrally is essential.

Google Talk

EPS allows complete application categories to be authorized or unauthorized. Specific applications which do not feature in predefined lists can also be added separately to validate them. A centralized control server of an EPS solution also allows a full scan of all authorized category lists and applications.

With such features on offer, Endpoint Security solutions are an absolute must for business organizations. Every device or end-point affiliated to the network needs to be safeguarded centrally to maintain the status quo, while all guidelines need to be adhered to as well. This and much more is the purpose of effective Endpoint Security.

Rahul Thadani

Rahul Thadani


8 Comments

Your email address will not be published.

CAPTCHA Image

  1. Hi! If the server is having antivirus which is regularly updated and is genuine, then would it help to prevent any virus attacks from external drives.

    Reply
    • Nikhil More Nikhil MoreMarch 5, 2013 at 6:51 PM

      Hello Vikram, If the antivirus has the option to scan external drives & that the option is enabled than a virus attack can be prevented. As the drive gets scanned before its available for use.

      Reply
  2. Avatar Sachin BoryalMarch 8, 2013 at 1:16 PM

    Good Information

    Reply
  3. Hi ,

    Thanks for dropping focus on importance of Device and Application Control in a Corporate Network.

    Reply
  4. Avatar Manoj MoreMarch 22, 2013 at 7:25 PM

    Nice info Rahul..

    Reply
  5. Avatar Nagji PatelAugust 28, 2013 at 11:04 AM

    Hello sir,If the antivirus has the option to scan external drives & that time my leptop will not work properly so what can i do please help me.

    Reply