A few weeks back, there was an interesting faceoff between New York Times and Tesla. NY Times issued a scathing review of the Tesla electric car. Within a week, Tesla was able to issue a point-by-point rebuttal of the negative review of the Tesla electric car. They were able to do this only because the electric cars had a rich system audit logging infrastructure which helped the Telsa engineers reconstruct what had actually happened.
Switching gears to a world closer to data protection, everyone recognizes that removable media devices (USB and Optical Media) are extremely pervasive and affordable today. IT and security has realized that it is more beneficial facilitating the use of these devices rather than blocking them.
McAfee’s removable media encryption offering already allows users to utilize removable media by transparently encrypting the data stored on it. In addition to this, we believe it is critical for IT and security to also have a clear view and understanding of:
What type of removable media is being used? Which model, vendor etc.?
Which users are the heaviest users of removable media?
When and where are these devices being used?
In our Dec 2012 release, we added rich auditing and reporting capabilities to help answer these questions and more. All end user activity related to use of removable media is captured and transmitted back to McAfee ePO. As an administrator, you now have a fantastic view into these audit events.
In addition to these audit events, we have also provided a rich reporting framework that allows administrators to run custom queries on the audit event database. For example, an administrator may want to know whether there is a popular model or size of removable media in use at the company.