Managing Endpoints using Device Control

By Enterprise Security Magazine | Wednesday, February 27, 2019

Endpoint SecurityUSB ports are on virtually every workstation and notebook throughout an enterprise network. However, how dangerous is the USB port and how important is it that a security solution gives the visibility and control of what is on their system?

Companies should gauge these threats which can potentially affect their systems. Firstly, companies should check whole class vulnerabilities associated with autorun, cold boot attacks and present commands that take advantage of the way operating system identify, enumerate and interact with USB protocols and standards. Loading a malicious file onto an ordinary flash drive can affect the entire network. Secondly, companies need to keep a tab of the data storage devices, which are mini-computers. Since they contain a small onboard microcontroller unit with its CPU, RAM, and ROM, companies’ employees think that a storage device is inserted, but the malicious peripheral can report itself as a keyboard or mouse and send automated keyboard strokes and clicks to control the host, traverse the file system or open applications.

Endpoint Security Companies: WebrootTEHTRISFormogicIntelligent IDGreat Bay SoftwareCheck Point Software Technologies.

Several researchers have shown attacks that patch or replace the firmware of a regular USB device for malicious attacks. These vary from keyboard injection strokes to network traffic capture via a reprogrammed USB Ethernet adapter.

Disgruntled employees, fierce competitors or hacktivists are just some of the people who could destroy a laptop or workstation with USB. This malicious device sends multiple power surges to any machine to which it is connected. In most cases, this causes fatal damage to the logic board of the computer.

Majority of company attacks involve making money and theft of data, and the USB port is an ideal entry point for cyber thieves. An unprotected USB port enables criminals to transfer confidential information without permission from invisible partitions to simple copying and pasting. Given the small size but high thumb drives capacity, this could be anything from customer databases and confidential emails to product specifications and just about any IP. Even the NSA lost control of its assets with hackers copying APT hacking tools on a flash drive and taking them home.

It is essential to protect against these threats that enterprise security software implements device control and manage the use of USB and other peripheral devices throughout the network.

Check out: Top Endpoint Security Companies.

Weekly Brief