Mark the page
Contact form
If you are interested in our offer, use the form and ask a question to our specialist.

Ivanti Device Control - Advanced control over devices and removable media

Ivanti Device Control

Ivanti Device Control - Ivanti software for controlling removable devices

Data leaks due to accidental or sometimes intentional malicious use of devices and/or removable media have reached alarming levels. Ivanti Device Control enforces security policies related to the use of removable devices and data encryption. The solution centralizes device and data management using "default deny" whitelisting. It also provides an additional layer of protection against malware through physical means.

Protecting data from loss or theft

The increased number of remote workers is driving the need for access to data from outside the network. However, the potential impact of data loss, whether accidental or maliciously caused, is a real danger. Today, removable media/devices are the most common route for data leakage: no copy restrictions, no encryption, no audit logs, no central management. Ivanti Device Control allows the secure use of these productivity-enhancing tools, while limiting potential data leakage and its impact on business operations.

Key functionalities

CENTRALIZED MANAGEMENT / ADMINISTRATOR PRIVILEGES

Centrally define and manage the access of users, user groups, computers and computer groups to authorized removable devices/media on the network. The default setting is to deny access to these devices for all users.

POLICY-ENFORCED ENCRYPTION FOR REMOVABLE STORAGE

Central encryption on removable devices (such as USB flash drives) and media (such as DVD/CD), and policies that enforce encryption when copying to removable devices/media.

 

LIMITING THE ABILITY TO COPY DATA

Limit the daily amount of data copied by 1 user to removable devices and media; it is also possible to limit to specific time periods/days.

FILTERING OF FILE TYPES

Control of the type of files that can be transferred to/from devices/removable media, per specific user; helps limit the spread of malware.

WHITELIST / "DEFAULT REFUSAL"

Set permissions for the use of authorized removable media and devices by individual users or groups of users.

TEMPORARY/SCHEDULED ACCESS

Grant the user temporary/scheduled access to removable devices/carriers; the ability to grant "future" access for a limited period of time.

CONTEXT-DEPENDENT PERMISSIONS

Access/use policies remain in effect regardless of the state of the connection and can be adjusted, depending on whether the endpoint is connected or not.

ROLE-BASED ACCESS CONTROL

Grant permissions to users or user groups based on data from Windows Active Directory or Novell eDirectory; both directories are fully supported.

AGENTS RESISTANT TO MANIPULATION

Installation of agents on every endpoint in the network. Agents are protected against unauthorized removal; even by users with administrative privileges. Only Device Control Administrators can deactivate this protection.

FLEXIBLE, SCALABLE ARCHITECTURE

Provides control and enforcement of accepted security policies across the organization, using a scalable client-server architecture with a central database with optimized performance. It also supports configurations with virtualized servers.

 

How does Ivanti Device Control work?

  1. Detect all interchangeable devices that are currently or were once connected to endpoints.
  2. Identify all "plug and play" devices based on class, group, model and/or specific ID and define policies using whitelisting.
  3. Implement file copy limits, file type filtering, and policies to enforce encryption of data transferred to removable devices.
  4. Monitor all policy changes, administrator activity and file transfers for continuous oversight of policy performance.
  5. Reporting on device and data usage to document compliance with corporate policies or generally applicable regulations.

Benefits of Ivanti Device Control

  • Data theft/loss protection.
  • Enable safe use of productivity tools.
  • Increasing the scope of enforcing security-related policies.
  • Precise control with access restriction.
  • Prevent malware infiltration through physical means/mapping of centralized and decentralized management structures.
  • Enable monitoring of all file transfers to printers and physical storage media.

Want to know more?

Read more about Ivanti
Ask a Stovaris specialist
Back to all solutions