DeviceLock now thwarts data leakage via iPhone and Blackberry local syncs

Moscow, Russia – November 2009 – DeviceLock, Inc., a worldwide leader in endpoint data leak prevention software solutions, today announces that version 6.4.1 of its DeviceLock® software now delivers highly granular, interface-independent control over local data synchronisations between iPhone® and iPod® touch mobile devices and corporate endpoint computers like desktops and laptops. DeviceLock 6.4.1 also includes device presence detection, access control and logging for BlackBerry® devices.

With iPhone and BlackBerry support, DeviceLock delivers an unprecedented level of control for local synchronisation between DeviceLock-protected computers and most popular business-level smartphones including Windows Mobile®, Palm®, iPhone, and BlackBerry platforms.

“There are many legitimate reasons for an employee to connect a smartphone to their office PC and run a local synchronisation for data transfer. However, anyone with an illegitimate purpose in mind, like data theft, knows that such transfers completely bypass the corporate network and cannot be controlled by network-based security solutions,” explained Ashot Oganesyan, DeviceLock CTO and Founder. “An all-or-nothing approach – when all smartphones are either allowed or prohibited to sync locally with a particular computer – is too risky. The ‘all’ setting risks security, the ‘none’ productivity. You need a means of defining and enforcing permissions on a more flexible, granular basis. Our customers already count on DeviceLock for permissions-based management of removable storage devices, so it’s a natural extension to cover local syncs by smartphone platforms. With DeviceLock in place, organisations can impose a “least privilege” mobile device policy that limits data exchanges to only specific smartphones and to only the types of data required for an employee to carry out their business duties.”

Featuring a patent-pending local synchronisation filtering technology, DeviceLock gives security administrators the ability to centrally control which types of data specified users or their groups are allowed to synchronise between corporate computers and locally connected mobile devices including Windows Mobile, Palm, iPhone, and iPod. In addition, device presence detection, access control and event logging is also supported for BlackBerry® smartphones.

For Windows ActiveSync®, Windows Mobile Device Center, HotSync® and iTunes® protocols, DeviceLock can recognise and filter numerous data object types, empowering administrators to selectively allow or block the synchronisation of files, emails, email attachments and accounts, contacts, tasks, notes, calendar items, bookmarks, and various media types. For Windows Mobile devices, permissions can also be defined for remote installation and execution of applications.

Time or schedule-based policies, as well as data flow direction control can also be enforced for local synchronizations to allow corporate security policies to be more flexible, precise and dynamic. DeviceLock detects the presence of any supported mobile device regardless of its connection interface. Smartphones that connect through a USB interface can be identified and white-listed with fine granularity, even down to the level of a unique device.

For organizations of any size and industry, DeviceLock software proactively protects endpoint computers against local data leaks and malware infiltration resulting from insider negligence, accidental mistakes or malicious actions. It enables IT security personnel to precisely control, log, shadow-copy and audit end-user access to all types of local ports and peripheral devices, including personal mobile devices, as well as local and network printers. Complementing its port, device, and data channel-based controls with data type-level security, DeviceLock supports true file type detection and filtering. This function works by intercepting any file system’s read/write operations with peripheral devices, performing real-time analysis of the entire binary content of transmitted data, and enforcing applicable file-type based security policies. DeviceLock also integrates with leading encryption products from PGP, Lexar, SecurStar, and TrueCrypt in order to protect data on removable storage devices. In addition, DeviceLock blocks operations of USB and PS/2 hardware keyloggers.

DeviceLock provides scalable, centralised, and easy-to-learn management and administration via a Microsoft Management Console (MMC) that natively integrates with Group Policy Object Editor in Microsoft Active Directory. DeviceLock agents can be deployed, managed and administered completely from within an existing Microsoft Active Directory domain. A separate component, the DeviceLock Enterprise Server (DLES), is available for centrally auto-collecting audit and shadow data from managed endpoints. Highly-granular event logging and data shadowing configurations are supported for tracking and analyzing user actions on peripheral ports/devices, related system events and data transferred to peripheral devices. In addition, DLES can monitor remote DeviceLock-managed computers in real-time to check on agent status and policy template consistency. New in DeviceLock 6.4.1 is an optional add-on component for full-text search in the central shadowing and event log database – DeviceLock Search Server (DLSS). DLSS is aimed at making the labor-intensive processes of information security compliance auditing, incident investigations, and forensic analysis more precise, convenient and time-efficient.

Since its inception in 1996 as SmartLine, DeviceLock, Inc. has been providing endpoint device control software solutions to businesses of all sizes and industries. Protecting more than 4 million computers in over 60,000 organisations worldwide, DeviceLock has a vast range of corporate customers including financial institutions, state and federal government agencies, classified military networks, healthcare providers, telecommunications companies, and educational institutions. DeviceLock, Inc. is an international organization with offices in San Ramon (California, US), London (UK), Ratingen (Germany), Moscow (Russia) and Milan (Italy).