SOURCE: Lumension Security

April 28, 2008 11:00 ET

Lumension Security Extends Powerful Encryption Technology for Complete Data Protection Solution

Sanctuary 4.3 Bolsters Endpoint Security by Providing Visibility and Control Over Removable Media, Storage Devices and Now CD/DVD; Limits Exposure, Protects Information and Meets Compliance

SCOTTSDALE, AZ--(Marketwire - April 28, 2008) - Data breach remains the leading cause of financial loss for organizations, costing an average of $197 per record, according to the Ponemon Institute Study 2007(1). The average data breach could cost upwards of $6.3 million per incident and potential lost business opportunity to the tune of $128 per leaked customer record(2). In order to prevent accidental and malicious loss of confidential data, enterprises need better insight into where their data is stored, or where it's going. To help enterprises shore up their defenses against data leakage, Lumension Security™ Inc., a recognized, global leader in security management, today announced Sanctuary 4.3, a comprehensive solution that effectively reduces risks of data loss and theft by encrypting and protecting easily accessible endpoints such as storage devices, removable media and now CD/DVD media.

In addition, Lumension's Sanctuary Device Control 4.3 allows administrators to enforce policy requiring either the built-in Sanctuary encryption or PGP Corporation encryption solutions for removable storage devices. PGP® enterprise data protection solutions help organizations comply with FIPS-140-2 standards and provide centralized encryption key management and support for large secondary hard drives. Using PGP® encryption with Sanctuary Device Control 4.3, administrators can easily establish and enforce granular encryption policies for removable storage devices; review device usage logs; and monitor the content of data transferred to and from devices.

"Protecting the privileged and proprietary data residing on portable devices is a challenge for enterprises everywhere. Instituting data protection is becoming a standard solution to this problem. However, enforcing data protection policies becomes the critical challenge," said Charles Kolodgy, Vice President at IDC. "Lawyers are requesting proof that a lost laptop or removable media was encrypted, they want evidence that the data was protected. Lumension's newest Sanctuary version delivers advanced data encryption while providing the enterprise with policy enforcement and auditing capabilities to answer that question. Features such as the ability to encrypt all types of removable media, which covers CD/DVDs as well as USB memory sticks, offer comprehensive protection against data breaches."

"Enterprises are experiencing an increase in the loss of data assets as witnessed in recent high profile incidents," said Mike Wittig, president and chief technology officer at Lumension Security. "Not only are cybercriminals refining their methods for stealing confidential data, but information is being leaked or lost by employees and contractors who have direct access. As a result, enterprises that suffer a security breach face lost business, lawsuits, fines and brand damage. In order to protect the viability of the business, enterprises need to adopt proactive security methodologies that safeguard confidential information and ensure the public's trust."

"In addition, CDs/DVDs continue to be prevalent as a means of storing, sharing and distributing large volumes of financial data, patient records, or proprietary documents. Sanctuary 4.3 helps organizations mitigate risk and comply with industry's toughest regulations," continued Wittig.

Sanctuary 4.3 Delivers Key Benefits:

--  Prevents Data Loss on CD/DVD - Extends data security beyond USB and
    other portable devices to include CD/DVD media. Enforces encryption for
    data written to CD/DVD based on user or user group, with portability to non-
    Sanctuary machines for secure information sharing outside of the
    organization.
--  Enforces Enterprise Encryption Policy for Removable Storage Devices -
    Enables administrators to require removable storage device encryption by
    policy using native Sanctuary encryption and/or PGP® Whole Disk
    Encryption.
--  Simplify Compliance with Audit Trail of Data Transferred - Every bit
    of data written to portable media such as USB thumb drives and CD/DVD media
    can be "shadowed" in a back office server for auditing and compliance
    purposes. Using the patented Shadowing Technology, administrators can log
    the filename or full file contents that are transferred to or from
    removable storage devices, now including PGP® encryption solutions.
    

Sanctuary Application and Device Control 4.3 Delivers Expanded Platform Support:

--  Expanded Agent Platform on 64-bit Architectures
    --  Windows Server 2003 64 bit support
    --  Windows XP 64 bit support
    --  Sanctuary Agent previously supported 64-bit Windows Vist
-- Expanded Database Platform Support
    --  Support for SQL Server 2005 on 64-bit Architecture

Availability

Lumension's Sanctuary Device Control 4.3 and Sanctuary Application Control 4.3 are expected to be available at the end of Q2 2008. For a free trial of the latest version of Sanctuary Device Control and/or Sanctuary Application Control, please visit: http://www.lumension.com/public_eval_request_form.jsp.

About Lumension Security™, Inc.

Lumension Security™, formed by the combination of PatchLink® Corporation and SecureWave® S.A., is a recognized, global security management company, providing unified protection and control of enterprise endpoints for more than 5,100 customers and 14 million nodes worldwide. Leveraging its proven Positive Security Model, Lumension Security enables organizations to effectively manage risk at the endpoint by delivering best-of-breed, policy-based solutions that simplify the entire security management lifecycle. This includes automated asset discovery, vulnerability assessment, remediation and validation; security configuration management; application control and device control; extensive policy compliance reporting; and integration with leading network access control solutions. Headquartered in Scottsdale, Arizona, Lumension has offices worldwide, including Virginia, Florida, Luxembourg, the United Kingdom, Spain, Australia, Hong Kong and Singapore. PatchLink, now Lumension, was founded in 1991 by Sean Moshir. More information can be found at www.lumension.com.

Lumension Security, the Lumension logo, PatchLink® and Sanctuary® are trademarks or registered trademarks of Lumension Security. All other trademarks are the property of their respective owners.

(1) Ponemon Institute, 2007 Cost of Data Breach Study.

(2) Ibid.

Contact Information