The Web    Google
Ensuring Mobile Clients Comply with Security Policy

Ensuring Mobile Clients Comply with Security Policy
April 12, 2004

With published reports from Gartner Group stating that nearly two-thirds of fresh and critical data is on employee laptops and desktops and not on servers, a higher urgency is being placed on securing the data on mobile computers.

At the same time, the mobile professional needs flexibility in order to exploit the benefits of mobile computing, such as being able to tap into one of the growing number of available Wi-Fi hot spots.

Mobile security products vendor Senforce attempts to address these issues with Enterprise Mobile Security Manager 2.5 (EMSM 2.5), a location-aware endpoint security product that adds more support for the government market and improved wireless connectivity control among its enhancements.

"Audit committees want to know if security policy is being enforced on the clients," says Allan Thompson, president and CEO of Senforce.

The Senforce client software, with a footprint of 2Mb, will prevent a machine from connecting to the network that is not authorized or up to standard.

"Companies can set a policy to only allow employees to connect to designated access points. And we explain the reason to the user that the connection was not authorized," Thompson says.

EMSM 2.5 includes a FIPS 140-2 certified cryptographic module to protect the confidentiality of security policies. It also supports compliance with Department of Defense Wireless Directive DoDD 8100.2 for mobile technology use in government agencies.

Other enhancements in the 2.5 release include: improved wireless connectivity control for embedded WLAN NICs used in notebook PCs, including those using Intel Centrino Mobile Technology. The product determines if the WLAN use is authorized based on an organization's policies. Security managers can activate or control WLAN adapters with one mouse click.

Also, virtual bridging, a feature supported in Windows XP, allows multiple network adapts in the same PC to pass network traffic between each other in a way that can create security vulnerabilities. The 2.5 release can prevent this from occurring by disabling any adapters using the virtual bridge.

The product is priced at $89 per client; the server component is included. Annual maintenance is 20% of the purchase price. A company buying 5,000 seats would pay $150,000 on average.

  • How hacking has entered the age of mass production.
  • 2/28: Rbot-UC a Worm and Trojan
  • Sender ID: Phishing Solution or Another Problem?
  • 6/17: Download.Ject Installs File
  • 4/8: Mytob-S Worm Continues to Flourish
  • Virus Alert: Worm Uses Own SMTP Engine to Spread
  • IM Security Under The Gun
  • Bagle Attack Picking up Speed
  • 7/29: Lovgate-AK a Mass-Mailing Worm
  • Ensuring Mobile Clients Comply with Security Policy
  • 4/11: Mytob-AG Sends Copy of Itself
  • Security Camera Related Information