DeviceLock, a worldwide leader in endpoint device control security, has announced that its DeviceLock software has been selected by VTB 24, one of Russia's largest retail banks.
After thorough research in the field of endpoint information security, DeviceLock 6.3 has been deployed across the bank's network to protect its employees' computers from data leaks and uncontrolled use of locally connected devices.
Bank VTB24 is one of Russia's largest and fastest growing banks. Its goal is to open more than 500 branches by the end of 2008 in order to have operations in all Russian cities with a population exceeding 150,000. Over the last few years, it has been steadily improving customer service, privacy protection and reliability, in order to attract and retain market share among Russia's growing class of affluent middle class banking customers.
Careful investment in IT security systems and business continuity that support innovation and customer service has been key to this strategy. The bank's IT infrastructure is a distributed heterogeneous system that includes Microsoft Windows, as well as UNIX and Novell network operating systems. DeviceLock now protects servers and desktop computers across the entire IT infrastructure, whether at one of VTB's large metropolitan corporate offices or any of the many branch customer service centres across Russia.
To keep its IT security running at the highest level of alertness, Bank VTB24 takes an integrated approach to managing the entire lifecycle of its IT systems. Risks associated with potential information security incidents are mitigated by employing best-of-breed solutions from different IT security vendors for everything from anti-virus protection to PKI encryption; and now data leakage prevention with DeviceLock
"With the proliferation of high-capacity removable storage devices available today, there is a much greater threat of information leaks from the bank's IT system, as well as infiltration by destructive malware elements. DeviceLock is the software product that can most effectively help us to fight such threats. It has been on the market on the market for almost a decade, building a rich feature set that has been field proven by other financial service customers around the world. We used a previous version of DeviceLock and found it a highly functional and reliable product. DeviceLock provides flexible control over a computer's local ports and devices, thus addressing one of our most significant information security problems," commented Anatoly Bragin, Chief of VTB24 Information Security Department.
Before the implementation of DeviceLock, any unauthorised local connection of external devices to computers was blocked either by physically switching off some of the device interfaces or by disabling them at the BIOS level. The bank's IT staff realised that this approach was becoming impossible to implement and manage and that the situation would only get worse given VTB24's rapid growth plans. The number of computers in the bank's network was quickly escalating and the network itself was extending its distribution over several more geographical locations.
Meanwhile, the number of peripheral devices employees were attempting to connect to the network was growing, particularly USB-connected devices. There were simply too many ways employees could connect devices locally to computer endpoints spread across the network, without any controls, and thus creating potential channels for data leakage - from USB flash drives to printers, scanners and web cameras.
"Installing DeviceLock was simple. The administrators of the IT Security Department were pleased with the results of the DeviceLock software deployment. The deployment did not impact the Bank's existing information security policy. Once deployed, DeviceLock enabled strict enforcement of device-related policy and easy audit of the rules defined in the policy. It has optimised our device management processes," emphasised Bragin.
Featuring a comprehensive central management natively integrated with Microsoft Active Directory and Windows NT/2000/XP/2003/2008/Vista support, DeviceLock 6.3 enables users precisely to control, log, shadow-copy, and audit end-user access to any type of computer's ports and peripheral devices. This includes, uniquely, presence detection and access control to local, network and virtual printers, as well as Windows Mobile and Palm-based personal mobile devices. In addition, DeviceLock blocks operations of USB and PS/2 hardware keyloggers. To protect data on removable storage devices DeviceLock integrates with leading encryption products from PGP, Lexar, and TrueCrypt.