GFI EndPointSecurity is a solution that provides comprehensive control over the use of portable devices like USB drives and iPods to prevent data loss and theft. It actively manages devices and file transfers by user, machine, access level and file type. Key features include volume encryption, access control policies for devices and users, data awareness to detect sensitive file types, and reporting on device usage and files copied. The solution monitors connected devices, controls data transfers, assesses risk, and logs user activity to safeguard corporate data and intellectual property without overly restricting productivity.

1. 1
By Joshua Daggs
Sales Engineer

2. 2
Overview
» The problem
» Scenario
» The solution
» Demonstration
» Summary

3. 3
THE PROBLEMTHE PROBLEM

4. 4
The problem
“In the past two years, 70% of businesses have traced the loss of sensitive or
confidential information to USB flash memory sticks”
– Ponemon Institute: July 2011
“The use of pen drives as an easy-to-carry storage device has increased in
the recent past and internal reports have confirmed that over 70 percent
cyber security breaches in the armed forces are due to their unauthorized
use”
– Army Officials report: Thehackernews, 2013
“Utah Department of Health reports Data for about 6,000 recipients was lost
by an employee of an outside contractor while traveling; the employee saved
the personal information to an unencrypted USB memory stick. Breach Costs
Processor $94 Million. The breach included Medicaid recipient's names,
Medicaid identification numbers, age and recent prescription drug use.”
– Michelle L. Price: Associated Press 2013

5. 5
Scenario
» Employee has an iPod with 80GB storage space
» Transfers half a gigabyte of corporate data in less than 10 minutes
» Sensitive company information (such as product plans and designs,
sales and accounting information, product design, human resources
track records) are sold to a third-party, that could be a competitor
» Employee loses his iPod containing security sensitive information

6. 6
A look at conventional control methods
» Banning all device usage in an organization
» Blocking drives on every computer
» Blocking connection ports on every computer
» Physically monitoring all connections 24/7
None of these are feasible solutions in today’s business environment

7. 7
THE SOLUTIONTHE SOLUTION

8. 8
Regain control with GFI EndPointSecurity™
» The key to managing portable devices is in the control over:
□ What devices are in use
□ When they were used and by whom
□ Control what data can be moved between systems and devices
» GFI EndPointSecurity provides comprehensive control on use of iPods,
USB drives and many other popular portable devices
» Actively manage devices by machine, user, access level, file type, time
and content

9. 9
Top features (1/2)
» Volume encryption for removable storage devices
» Granular access control, through the use of read-only and read/write
permissions on a user-by-user and device-by-device basis
» Controls data transfers involving removable devices through real file type
checking and content awareness
» Data leakage risk assessment capabilities
» Automated client-side agent deployment
» Group-based protection control
» Logs device-related user activity

10. 10
Top features (2/2)
» Allows administrators to block devices by class, file extensions,
physical port or device ID from a single location
» Allows administrators to grant temporary device or port access for a
stipulated timeframe
» Centrally monitors the network, detects connected devices and
performs various tasks
» Allows data on removable devices to be encrypted to prevent data
loss or theft

11. 11
Key features in depth (1/2)
Data leakage risk assessment capabilities on new dashboard
»The risk assessment engine assesses the risk level of endpoints and the
network, based on:
□ activity,
□ usage of removable devices,
□ their type and
□ the protective measures in place
»The dashboard provides visually concise information on items requiring
attention
»Risk assessment can be performed on demand or on a schedule, providing
visibility into all the devices ever used on the network

12. 12
Key features in depth (2/2)
Data awareness
» Data aware control of files transiting the endpoints on removable devices
» Content awareness based on the values in regular expressions or
dictionary files
» Out of the box predefined searches, detect well known security sensitive
information such as credit card numbers or ID card numbers
» Supports popular document types such as .doc, .docx, .txt, .pdf, etc
Enhanced file control capabilities
» Real file type checking works with embedded archives
» Define file type checking and content checking based on file size

13. 13
How does it work?
Installed agent
Installed agent
GFI EndPointSecurity monitors
and controls device usage

14. 14
0101010101010101010
0101010101010101010
Complete control of the data on mobile devices

15. 15
Product benefits
» Protect intellectual property and security sensitive information
» Prevents introduction of malware and unauthorized software on the
network through BYOD
» Easy-to-follow user interface
» Supports latest operating systems from Microsoft
Available in the following languages:

16. 16
GFI EndPointSecurity ReportPack add-on
» The GFI EndPointSecurity ReportPack is a full-fledged reporting add-on
» Schedule automatic IT-level and management reports based on data
collected
» Report on
□ devices connected to the network,
□ device usage trends by machine or
by user,
□ files copied to and from devices
(including actual names of files copied)
□ and much more
Device usage report

17. 17
SUMMARYSUMMARY

18. 18
Summary
» The exponential growth in portable storage device technology and
adoption has made it easier for data thieves to get away with sensitive
corporate data
» Administrators must have a way to technologically control the use of
portable storage devices
» GFI EndPointSecurity is the technological solution which:
□ Prevents data theft and protects intellectual property
□ Safeguards network operability by blocking malicious software
□ Supports productivity by blocking games and other non-work related files
□ Supports legal compliance by blocking objectionable material and pirate
software

19. 19
Product testimonials
Prior to the installation of GFI EndPointSecurity, users were downloading and
uploading all sorts of files to and from their PCs and servers. Now, with
surgical precision, I can control and monitor what is happening on the network
- who is doing what, when, how and where. Thanks GFI.
- Tony Malvarez, Aerotecnica S.A.

20. 20
Product kudos
» Thousands of customers worldwide use GFI EndPointSecurity
» Numerous product awards such as:

21. 21
Thank you for taking the time to join us today
Please feel free to contact us with any questions or comments us at
sales@gfi.com
If you would like to see what GFI EndPointSecurity can do for you,
Download a free trial copy by visiting us at
www.gfi.com/endpointsecurity
GFI Software is your complete software solution provider for SMBs