You have invested in network anti-virus software, firewalls, email and web content security to protect against external threats. Yet any user can come into the office, plug in a USB stick the size of the average keychain and take in/out data. This poses a tremendous threat: Users can take confidential data or they can unknowingly introduce viruses, trojans, illegal software and more - actions that can affect your network and company severely. Yet, as an administrator you have no way to control this! Group policy offers no control.
To control access, GFI EndPointSecurity installs a small footprint agent on the machine. This agent is only 1.2 MB in size - the user will never know it is there. GFI EndPointSecurity includes a remote deployment tool based on GFI LANguard technology, allowing you to deploy the agent to hundreds of machines with just a few clicks. After installation, the agent queries Active Directory when the user logs on and sets permissions to the different nodes accordingly. If the user is not a member of a group that allows him/her access, then access to the device is blocked.
You can centrally disable users from reading or writing data to/from a CD or floppy. This way, you can block normal users from bringing in data that could be harmful to your network, such as viruses, trojans and other malware. Although you can switch off CD and/or floppy access from the BIOS, in reality this solution is impractical: You would have to physically visit the machine to temporarily switch off protection and install software. In addition, advanced users can hack the BIOS. GFI EndPointSecurity protects your network against non-removable media devices by allowing you to lock down a machine to a specific hardware level, guaranteeing protection against Bluetooth devices, network cards and more.