South of Tyne and Wear Primary Care Trust select DeviceWall to meet standards on data security
Endpoint security key part of layered approach to encryption and data access
July 1st 2009: FrontRange Solutions, the developer of business software for mid-sized and distributed enterprises, today announced that South of Tyne and Wear Primary Care Trust has selected its DeviceWall® endpoint security solution as part of a layered approach to meet government guidelines on the treatment of sensitive data. DeviceWall will control users’ rights to transfer data to and from mobile devices such as USB memory sticks.
The South of Tyne and Wear Primary Care Trust is a management structure consisting of three Primary Care Trusts (PCTs); South Tyneside, Sunderland and Gateshead. It is responsible for a huge amount of personal data as it provides health services to approximately 600,000 residents across the area. The IT team provides services to 3,200 users at 260 sites, across the three Trusts.
As a result of a number of high profile public sector data breaches, the government has recently put in place a framework dictating targets and behavioural guidelines with regard to data security. There are two elements to this framework. The first is the encryption of data in transit and the second is the restriction of which users are allowed to transfer data to those encrypted devices.
“We’re taking our responsibility to keeping sensitive data safe very seriously,” said Darren Piper, technical project manager at South of Tyne and Wear PCT. “The data breaches that have been in the media recently have damaged the public’s confidence in the public sector’s ability to safeguard data but we are taking every possible step to ensure this confidential information remains secure.”
Having looked at a number of other products, South of Tyne and Wear PCT selected DeviceWall to enforce the second aspect of this framework and will be using it alongside Mcafee Endpoint Encryption and SanDisk Cruzer Professional USB Encrypted memory sticks as part of a suite of security products in place to meet these guidelines. The PCT has replaced 800 memory sticks with encrypted devices and once port control across all endpoints is enabled, staff will only be able to use those devices they are authorised to use.
Darren Piper says: “We selected DeviceWall because it was the most mature of the products we considered. It provides high levels of functionality but at a cost effective price point and will allow us to control users’ access to USB removable storage and removable media, in turn enabling us to meet the government’s regulatory requirements.”
DeviceWall is currently rolled out across the PCT and is due to go live at the end of June. In the meantime, the team is investing time in an awareness campaign to educate employees regarding the new restrictions. This ensures that all employees will understand how access to removable storage & removable media will work moving forward, to ensure that any impact this change will have on the business is minimised, whilst ensuring data security.
As a default policy, no users will be allowed to transfer data to non approved external storage devices. Employees will then have to prove the business case for allowing them to do so and then access will be granted only if it is deemed appropriate.
Matt Fisher, Director of Marketing at FrontRange Solutions says. “By implementing a layered approach to security that not only encompasses several distinct technologies, but also a strong user education programme, South of Tyne and Wear PCT has shown a high level of commitment to the issue of protecting sensitive information. DeviceWall’s ability to effortlessly define and enforce different policies for different groups of users depending on criteria such as their job roles and seniority will make it easier for the PCT to achieve its security goals.”
Prv korak u identifikaciji sigurnosnih rizika u okviru korisničkog IT okruženja je svakako identifikacija svih dogadjanja i promena na mreži u bilo kojem datom momentu. Centenial Discovery je jednostavno nenadmašan alat u pronalaženju, proveravanju i praćenju bilo kog tipa hardvera i softvera koje korisnik ima instalirane u poslovnom okruženju.
om rešenje za jednu vrlo bolnu i opasnu tačku povredljivosti sistema – tzv. ENDPOINT DATA TRANSFER ili jendostavno zaštitu od neovlaštenog pristupa podacima koji se kopiraju preko nekog od perifernih uredjaja.