ivanti logo

Device Control

Data leaks resulting from the unplanned or sometimes malignant use of removable devices and/or removable media has reached scary levels. Ivanti Device Control drives security rules on removable device utilization and data encryption. The tool centers administration of devices and information using a whitelist / “default deny” technique and supplies an supplemental layer of security against malware originated by way of physical approaches.

Guard Information From Damage Or Theft

As more personnel are operating remotely, entrance is needed from outside the network. But the possible shock of data loss, be it random or purposeful, is a very real concern. Currently, removable media/devices are the most common data discharge direction; no file copy constraints, no encryption, no audit trails, and no central administration. Ivanti Device Control empowers the safe use of such efficiency; improving solutions while restricting the possibility of data leakage and its effect.

Key Features

Whitelist / “Default Deny”

Appoints approvals for permitted removable devices and media to separate users or user groups. By default, those devices/media and users not definitely licensed are rejected entrance.

Policy-Enforced Encryption for Removable Storage

Principally encrypts removable devices (such as USB flash drives) and media (such as DVDs/CDs) and implements encryption procedures when copying to devices/media.

Data Copy Restriction

Limits the daily amount of data copied to removable devices and media on a per-user basis; also restricts usage to certain time frames/days.

File Type Filtering

Regulates file types that may be moved to and from removable devices/media on a per-user basis; helps restrict malware propagation.

Centralized Management / Administrators’ Roles

Primarily assigns and supervises user, user groups, computer and computer groups entrance to permitted removable devices/media on the network. By default, those devices/media and users not definitely licensed are rejected entrance.

Temporary / Scheduled Access

Assigns users temporary / scheduled entrance to removable devices/media; used to assign entrance “in the future” for a restricted interval.

Context-Sensitive Permissions

Entry/usage procedures remain imposed regardless of connection status and can be customized whether the endpoint is connected to the network or not.

Role-based Access Control

Appoints permits to separate users or user groups based on their Windows Active Directory or Novell eDirectory profile, both of which are fully supported.

Tamper-proof Agent

Installs agents on every endpoint on the network. Agents are sheltered against illegal removal; even by users with executive authorizations. Only Device Control Administrators may disable this protection.

Flexible / Scalable Architecture

Offers organization-wide command and enforcement using a scalable client-server frame with a key database that is optimized for operation. Supports remote server configurations.

Discover the Benefits of Ivanti Device Control

  • Protects data from loss/theft
  • Enables secure use of productivity tools
  • Enhances security policy enforcement
  • Delivers precise control with access limits
  • Prevents malware infiltration via physical means /mapping of centralized and decentralized management structures
  • Allows for monitoring of all file transfers to printers and physical media

How Ivanti Device Control Works

1. Discover all removable devices that are currently connected or have ever been connected to your endpoints.

2. Assess all “plug and play” devices by class, group, model, and/or specific ID and define policy through a whitelist approach.

3. Implement file copy limitations, file type filtering, and forced encryption policies for data moved onto removable devices.

4. Monitor all policy changes, administrative activities, and file transfers to ensure continuous policy enforcement.

5. Report on device and data usage to document compliance with corporate and/or regulatory policies.