Devices are linked to the network every day, whether you like it or not. Somewhere, at some time, end users are
plugging in their iPods, digital cameras, flash drives and USB sticks.
There are dozens of tools out there to block or limit their use, but how do you know whether investing in those tools is worthwhile? How do you know which devices have been plugged in and how often?
SecureWave, maker of Sanctuary, a tool that provides policy-based control over endpoint applications and devices, recently released Device Scanner, a free tool that network administrators can use to determine what types of devices have been on the network and with what frequency.
Device Scanner is a downloadable clientless tool that tells network pros what's been plugged into each PC or networked device. It is available through SecureWave's network of resellers.
"Most companies have no idea," said Dennis Szerszen, vice president of corporate strategy for SecureWave. "This gives them knowledge."
"Device Scanner provides administrators with a complete view of what devices have ever accessed its network, as well as recent connections," he said. "The results can be shocking. In some instances, we've found organizations with massive numbers of devices plugged in at once, despite having a device-use policy in place."
Joe Gabanski, network administrator for the City of Lake Forest, a Chicago suburb, said one quick run of Device Scanner uncovered a host of devices that had been hooked up to the network.
"We ran a device scan and were surprised at some of the stuff we saw," he said.
The use of USB storage devices was much more prevalent than he and his network team had thought, Gabanski said. They also found that digital music players had been linked to workstations that have secure access and a handful of modems no one knew were there.
"We realized we had a real potential security threat on our hands," he said. "Workstation security is just as important to us as perimeter security."
Gabanski noted that the City of Lake Forest doesn't have a "set in stone" policy about device use, but he "realized that we have to control these things."
Now, he said, devices must be approved by IT before they connect to the network. IT will allow no executables and no digital music players. There could be legal implications of not logging what comes into and goes out of the network, he said, and workstations and device use have to be limited to "appropriate city business only."
After running a Device Scanner and determining what devices had been on the network, the City of Lake Forest started using SecureWave's Sanctuary to curb and control the use of such devices. With Sanctuary in place, Gabanski said, users won't have the option to plug in certain devices, and IT will have greater management control over the devices that are used.
"If we can just nip it in the bud," he added, "it lowers the overall TCO."