Novell Home

Novell Connection Magazine Home

Enforce Your Will in the Remote Corners of the Enterprise

Perhaps the biggest data leakage-related cause for concern today is that nearly everybody is mobile. People are carrying confidential data and creating new versions of it in hotels, airports and home offices. Data on thumb drives, media players and other portable storage devices is unmonitored and unmanaged. And even if mobile users are saving their data to a central repository, there is too much free will. Organizations are at the mercy of individuals who can either abide by corporate processes and security policies or choose to ignore them.

Novell ZENworks Endpoint Security Management helps IT managers take back control. It addresses critical endpoint security issues such as endpoint management, encryption, location-aware wireless control, personal firewall, removable media control and network access control.

ZENworks Endpoint Security Management provides complete control over the use of local optical media (CD-R/W, DVD+/-R/W) and all attached storage devices (USB thumb drives, floppy drives, flash memory cards, zip drives, PCMCIA cards and other removable media types). Administrators can set policy-based restrictions on device access and usage, which protects the integrity and confidentiality of data on the endpoints, while simultaneously preventing the introduction of malware. Also, if your company mandates that all files saved or copied to removable storage devices must be encrypted, ZENworks Endpoint Security Management enforces that policy. And ZENworks Endpoint Security Management automatically distributes WEP pre-shared keys without user intervention, and only allows the use of wireless devices and network interface cards that are approved by policies. Lastly, the software offers a common log, providing proof of regulatory compliance. (See Figure 2.)

Bulking Up E-mail Security

E-mail presents its own peculiar set of inbound and outbound security challenges. In addition, blog postings, media sharing sites, social networking sites, public IM communications, mobile Internet-connected devices are doing their part to keep IT administrators fully engaged.

Novell GroupWise Mobile Server, powered by Intellisync, gives GroupWise users a secure home base for information sharing. It offers military-grade encryption that protects data during transmission and storage, and it supports hundreds of mobile devices. If a device is lost, misplaced or stolen, strong password protection and encryption keep vital information confidential. GroupWise Mobile Server even allows your IT team to remotely lock out a device or wipe an entire device clean. And as you would expect, it works with Novell GroupWise, which is not a public vehicle, so you can use GroupWise Messenger to secure IM communication behind the firewall or use a VPN to securely communicate outside of it.

Any discussion of e-mail and data security must include storage. Novell Storage Manager ensures that only authorized personnel have access to stored data because, through policies, it lets you define how storage will be handled for a particular user identity, role or group.

After that, the rest is automatic. Storage is allocated, shared, moved, resized, deleted and archived automatically according to the policies you predefine.

Novell Storage Manager works with Identity Manager or any user-provisioning process. It is hardware-agnostic and offers native support for Linux, NetWare and Windows. It delivers real-time enforcement and robust reporting to demonstrate compliance. And it protects your organization against liability by enabling you to limit the type of content that can be stored on the company's storage area network. You control what users are permitted to store—and where and when they can store it.

Trust But Verify

Even with the best safeguards in place, there will always be threats that must be thwarted and events that must be documented. To meet these needs, the integrated Novell platform includes Novell Sentinel, the company’s Security Information and Event Management (SIEM) offering that provides real-time event monitoring and correlation, automated incident response handling, and compliance reporting. Sentinel automates the process of monitoring for policy violations, identifying and responding to violations, and delivering compliance metrics to demonstrate the effectiveness of critical IT controls.

When used in conjunction with the Identity Manager and provisioning functions, Sentinel provides IT professionals with real-time information about events and threats, and allows them to detect who did what in what context, and why it happened. Sentinel allows companies to consistently manage and measure control of data resources.

On Second Thought, Don’t Trust Anybody—Except Novell

No one can afford to let their guard down. To minimize risks and prove compliance, enterprises need to implement flowing, automated systems that accommodate strong security frameworks, and that provide auditing, archiving and storage. Now is the time to stop thinking in terms of patching data leaks and start building a solid, leak-proof environment. Novell has the integrated platform with the structural integrity to help you do exactly that.

  • Figure 1

    The high-level architecture of Role-Based Access Control (RBAC) is accomplished by combining Novell Identity and Access Management with Security Information and Event Management (SIEM) solutions in an integrated platform.

  • Figure 2

    The key to robust enterprise security is an integrated platform that offers data protection wherever authorized users and their data travel or reside.



© 2014 Novell