September 28, 2008, Updated September 13, 2012

With a portable storage device, a data spy can quickly smuggle out a company’s confidential information.Since the advent of digital technology, industrial spying has become a great deal easier. With a portable storage device, a data spy can quickly smuggle out confidential information, putting a business at grave legal or financial risk. Studies show that today companies are losing billions of dollars annually to the problem, known as “pod slurping”.

While some organizations take drastic measures to prevent employees from stealing data, such as gluing shut USB connections, an Israeli company has come up with a much more effective option that won’t require any adhesive.

Herzliya-based ControlGuard has developed a sophisticated Endpoint Access Manager suite of programs that gets rogue USB and other communication connections under control, company president and CEO Israel Levy tells ISRAEL21c.

“The advent of sophisticated music players and portable USB flash drives means that companies need a solid method to prevent workers from using those devices to steal data,” Levy explains. “The fact is that most of today’s miniature USB connected devices have a capacity of four or eight gigabytes of space – while the size of sensitive documents in most companies does not exceed five gigabytes, meaning that a determined thief could easily rip off the entire contents of a company’s server in a single afternoon.”

Anyone can bring down a business

Disks on key, MP3 players that double as data storage devices, smart phones, iPod video players – everybody’s got one nowadays, which means that anyone can be the person that single-handedly brings down a business.

You don’t even need a physical USB connection to a computer or a server; many devices have Wifi and Bluetooth capabilities, and a little pre-planning by an employee could result in a mass theft of documents from a server over a non-physical connection.

Like a firewall against content copying, the ControlGuard solution implements a set of rules that apply to people, data and devices, ensuring that only authorized downloading of data takes place. “Many employees use USB devices to copy files they need to work on at home, and the Endpoint Access Manager suite enables them to download the files they are authorized to work on to their devices, preventing other data from being copied,” says Levy.

Like other policy-based security systems, ControlGuard’s solutions prevent copy access to files using not only USB, but most other communication interfaces, including Wifi, Bluetooth, FireWire, Optical beams, Infrared connections, etc.

Devices that are covered include iPods, disks on key, CDs, digital cameras, smart phones, printers, PDAs, and many others. “The ControlGuard system can be configured to permit specific actions on specific devices, by specific users, and will keep records on their actions,” says Levy, adding that the system is the only one that covers all the communication protocols used in the vast majority of portable storage devices.

Proper authorization

The system also logs the actions taken by a file, and will record when and where a file was downloaded or uploaded – so that even files copied with proper authorization can only be uploaded to authorized computers, like an employee’s home PC.

“We record uploading and downloading information on the device, and the information can also be transferred over a network to an administration server,” says Levy. “The log files are well-hidden, out of reach of even sophisticated hackers, so we have a record of where each file went and who took it.”

ControlGuard’s rules-based access system also ensures that lost flash drives don’t turn into major data loss risks, he adds, citing the recent case of a Deloitte & Touche employee who “lost” a CD containing sensitive information about 9,000 employees of McAfee, itself a computer security company.

ControlGuard’s system was developed at the prompting of Israel’s Defense Ministry, which four years ago recognized the security issue inherent in the proliferating number of portable data devices.

Since then, over 150 organizations around the world – including the IDF, Israel’s Ministry of Defense, numerous banks, multinationals, and even mid-sized and small companies – have installed the company’s technology on some 300,000 computers.

And to make it even easier for companies to feel secure, ControlGuard has partnered with SanDisk, the world’s largest maker of portable storage devices, embedding its system in “off the shelf” disks.

“Companies that implement the ControlGuard system know they are getting a standardized, easy to implement security program that works ‘off the shelf’ with their most likely portable storage devices,” says Levy.

He anticipates a bright future – because the problem is only going to get worse. “One day we will see portable data devices that hold hundreds of gigabytes of data – and when you consider that all the music ever recorded is about 1,000 gigabytes, or one terabyte, you see how vulnerable individual companies, with much less data, really are.”

It’s not surprising then that ControlGuard’s solution is becoming, for many organizations. a security tool as important as a firewall or anti-virus program, says Levy. “ControlGuard gives corporate data security pros one less thing to worry about,” he adds.

More on Innovation