Data breach remains the leading cause of financial loss for organisations, costing an average of US$197 per record, according to the Ponemon Institute Study 2007.
The average data breach could cost upwards of $6.3 million per incident and potential lost business opportunity to the tune of $128 per leaked customer record. In order to prevent accidental and malicious loss of confidential data, enterprises need better insight into where their data is stored, or where its going.
To help enterprises shore up their defenses against data leakage, Lumension Security Inc., a leader in security management, has announced Sanctuary 4.3, a comprehensive solution that is said to effectively reduce risks of data loss and theft by encrypting and protecting easily accessible endpoints such as storage devices, removable media and now CD/DVD media.
In addition, Lumensions Sanctuary Device Control 4.3 allows administrators to enforce policy requiring either the built-in Sanctuary encryption or PGP Corporation encryption solutions for removable storage devices. PGP enterprise data protection solutions help organisations comply with FIPS-140-2 standards and provide centralised encryption key management and support for large secondary hard drives. Using PGP encryption with Sanctuary Device Control 4.3, administrators can easily establish and enforce granular encryption policies for removable storage devices; review device usage logs; and monitor the content of data transferred to and from devices.
Protecting the privileged and proprietary data residing on portable devices is a challenge for enterprises everywhere. Instituting data protection is becoming a standard solution to this problem. However, enforcing data protection policies becomes the critical challenge, said Charles Kolodgy, Vice President at IDC. Lawyers are requesting proof that a lost laptop or removable media was encrypted, they want evidence that the data was protected. Lumensions newest Sanctuary version delivers advanced data encryption while providing the enterprise with policy enforcement and auditing capabilities to answer that question. Features such as the ability to encrypt all types of removable media, which covers CD/DVDs as well as USB memory sticks, offer comprehensive protection against data breaches.
Enterprises are experiencing an increase in the loss of data assets as witnessed in recent high profile incidents, said Mike Wittig, president and chief technology officer at Lumension Security. Not only are cybercriminals refining their methods for stealing confidential data, but information is being leaked or lost by employees and contractors who have direct access. As a result, enterprises that suffer a security breach face lost business, lawsuits, fines and brand damage. In order to protect the viability of the business, enterprises need to adopt proactive security methodologies that safeguard confidential information and ensure the publics trust.
In addition, CDs/DVDs continue to be prevalent as a means of storing, sharing and distributing large volumes of financial data, patient records, or proprietary documents. Sanctuary 4.3 helps organizations mitigate risk and comply with industrys toughest regulations, continued Wittig.
Sanctuary 4.3 Delivers Key Benefits:
- Prevents Data Loss on CD/DVD Extends data security beyond USB and other portable devices to include CD/DVD media. Enforces encryption for data written to CD/DVD based on user or user group, with portability to non-Sanctuary machines for secure information sharing outside of the organization.
- Enforces Enterprise Encryption Policy for Removable Storage Devices Enables administrators to require removable storage device encryption by policy using native Sanctuary encryption and/or PGP Whole Disk Encryption.
- Simplify Compliance with Audit Trail of Data Transferred Every bit of data written to portable media such as USB thumb drives and CD/DVD media can be shadowed in a back office server for auditing and compliance purposes. Using the patented Shadowing Technology, administrators can log the filename or full file contents that are transferred to or from removable storage devices, now including PGP encryption solutions.
Sanctuary Application and Device Control 4.3 Delivers Expanded Platform Support:
- Expanded Agent Platform on 64-bit Architectures
- Windows Server 2003 64 bit support
- Windows XP 64 bit support
- Sanctuary Agent previously supported 64-bit Windows Vista
- Expanded Database Platform Support
- Support for SQL Server 2005 on 64-bit Architecture
Lumensions Sanctuary Device Control 4.3 and Sanctuary Application Control 4.3 are expected to be available at the end of Q2 2008. For a free trial of the latest version of Sanctuary Device Control and/or Sanctuary Application Control, visit: http://www.lumension.com/public_eval_request_form.jsp?rpLeadSourceId=2000 .
About Lumension Security, Inc.
Lumension Security, formed by the combination of PatchLink Corporation and SecureWave S.A., is a recognized, global security management company, providing unified protection and control of enterprise endpoints for more than 5,100 customers and 14 million nodes worldwide. Leveraging its proven Positive Security Model, Lumension Security enables organizations to effectively manage risk at the endpoint by delivering best-of-breed, policy-based solutions that simplify the entire security management lifecycle. This includes automated asset discovery, vulnerability assessment, remediation and validation; security configuration management; application control and device control; extensive policy compliance reporting; and integration with leading network access control solutions.
Headquartered in Scottsdale, Arizona, Lumension has offices worldwide, including Virginia, Florida, Luxembourg, the United Kingdom, Spain, Australia, Hong Kong and Singapore. PatchLink, now Lumension, was founded in 1991 by Sean Moshir.
 - Ponemon Institute, 2007 Cost of Data Breach Study
 - Ibid.