TECH DIGITAL RESOURCE LIBRARY

DeviceLock

Since its inception in 1996 as SmartLine Inc, DeviceLock, Inc. has been providing well-integrated and cost-effective endpoint security solutions. With more than three million computers installed in over 55,000 organizations worldwide, DeviceLock has a vast range of corporate customers that include financial institutions, state and federal government agencies, classified military networks, telecommunications companies, and educational institutions. DeviceLock has international offices in California (U.S.), London (U.K.), Ratingen (Germany), Moscow (Russia) and Milan (Italy).

Our Website: http://www.devicelock.com


Latest Content From DeviceLock

Whitepaper: DeviceLock For Compliance With The PCI Data Security Standard

by DeviceLockDec 20, 2008

Soon after they were introduced years ago, payment cards became one of the most popular means of making payments for goods and services among the public. But while payment cards provide their holders with maximum convenience, using them involves additional risks. If the information that is contained on a plastic card falls into the hands of a malicious user, the owner of that card risks losing money from his personal bank account. It is equally important to note that cardholders aren't the only ones who have fallen victim to these risks-- both banks and payment systems have also suffered. If payment information has been compromised, banks must issue new cards, and this process means additional expenses. In some cases, banks must restore material damages incurred by the cardholder. In addition to direct losses, financial institutions also face major indirect losses such as damaged reputation and diminished trust in payment cards. The Payment Card Industry Data Security Standard (PCI DSS) was drawn up in order to reduce leakage and inappropriate use of plastic card information. Today, the requirements set out in PCI DSS apply to all companies that process, store, or transfer data about cardholders: banks, processing centers, service providers, retail stores, e-commerce businesses, etc.


Whitepaper: Adapting Endpoint Security to 'Mobilized' Consumerization

by DeviceLockDec 20, 2008

Consumer electronics and applications are proliferating in corporate IT environments, significantly increasing the threat of lost and stolen data. Personal devices such as smartphones and Mobile Internet Devices (MIDs) are now commonly brought to work and used for business purposes. This consumerization of corporate IT is predicted to accelerate in coming years as Digital Natives -- those raised playing computer games -- penetrate corporate ranks. This generation not only has a great fascination with ultra-modern electronic gadgets, they also have a natural ability to operate them. This fact along with continued progress in microelectronics, telecommunications, and consumer product offerings will make it virtually impossible for IT departments to stop the spread of consumer habits and tools in the workplace. In preparation, significant attention must be paid to the definition and enforcement of IT security policies related to personal devices and corresponding changes in security threat profiles. To meet the challenge, the industry should have an effective solution for every aspect of endpoint security.


Whitepaper: DeviceLock For HIPAA Compliance

by DeviceLockDec 20, 2008

In keeping with the Health Insurance Portability and Accountability Act, Public Law 104-191 (HIPAA), which was adopted in 1996, all American organizations that use the personal medical data of citizens are required to guarantee the confidentiality of that information. HIPAA requirements are mandatory for medical institutions, medical insurance companies, government agencies, and other organizations that have access to private medical records. The privacy and security requirements set out in HIPAA have also been included in two additional statutory acts. First, there is the HIPAA Privacy Rule (Standards for Privacy of Individually Identifiable Health Information). This document requires that the confidentiality of absolutely all medical data be maintained, whether the data is in paper or electronic format or even if the information was pronounced out loud by a doctor. In general, the HIPAA Privacy Rule focuses on general issues of ensuring the protection of medical data, such as cases in which data is disclosed to third parties or organizations. Second, there is the HIPAA Security Rule (Health Insurance Reform: Security Standards). This document contains more detailed requirements for the protection of electronic medical records and describes the necessary policies and procedures. Violation of HIPAA provisions is punishable with both civil and criminal liability. This white paper will review the requirements of the HIPAA Security Rule, which has an impact on a company's information infrastructure and the security means used therein.


Whitepaper: Mammoth Hospital's Prescription For Preventing Insider Data Leaks

by DeviceLockJan 01, 2010

To prevent patient healthcare records from walking away on flash drives and other personal devices, this hospital has implemented a phased deployment of device/port access control. In the first phase, IT audits/shadows all download and upload activity at endpoint ports and drives. Observations about how employees are using their devices are key to setting effective device-related security policies. Next steps include allowing only sanctioned encrypted devices to access endpoint ports and drives. This case study will explore the capabilities of device/port access control and the reasoning behind each phase, as the hospital strives to balance business productivity with security compliance measures.


Whitepaper: The Fusion Of Context And Content Awareness –- Making Endpoint DLP Effective

by DeviceLockJan 15, 2010

The risk-based approach to information security that has dominated the corporate market in recent years has resulted in the IT security industry moving from a network-centric to a data-centric information security model. It was around 2002-2004 that the first network-resident data leak prevention (DLP) appliances for analyzing the content of network communications appeared on the market. These filtered network content such as Web access, e-mail and instant messages to prevent corporate data leakage as a result of insider misconduct. At the same time, the growing threat of data leaks from corporate computers through their local ports and peripheral devices created a demand for device/port control products and soon after for endpoint DLP solutions with much wider context-based functionality.