Pros & Cons
-
- Protects against data theft by controlling which removable devices can connect via USB, FireWire, and PC Card.
- Can remember to block or allow specific devices.
-
- Doesn't control removable media (such as floppy disks, CD/DVD, SD cards).
- No configuration options other than deletion of all remembered settings.
Safend Personal Protector Specs
| Type: | Business |
| Type: | Personal |
The enterprise-scale Safend Protector locks down all the end points of a company's network, such as removable media, USB ports, and wireless. If a pod-slurping Mata Hari tries to drain corporate secrets into her fashionable MP3 player, Safend's Digital Membrane technology stops her. Now you can get a taste of this protection for your home computer by using Safend Personal Protector (SPP), which specifically manages USB, FireWire, and PC Card devices. It's substantially less ambitious than its big brother, but (at least for now) it's free.
Using SPP couldn't be easier. The first time it sees a new device, it asks you whether to make the item available, much the way a personal firewall asks you to verify that a new program can access the network. Assuming you have Administrator-level Windows privileges on the PC, you can choose allow or block, and usually you'll tell the utility to remember your decision. Anytime a new item is connected, you're given the same choice, as long as you can provide your Windows Admin credentials.
If the person logged on to the PC has only Limited-level Windows rights, an administrator can still enter the credentials necessary to authorize a new device. In Windows Safe Mode you can't approve new devices, but those already marked as allowed can connect. One warning: Don't try this on your new Vista system; SPP supports Win XP and Windows Server 2003 only.
On installation, the product asked me to allow or block several memory-card-reader slots and the system's FireWire adapter. Normally you'll get a message about built-in devices such as these only when you first install the product. Blocking these would have completely disabled the computer's ability to read memory cards and connect with FireWire devices, so I allowed them, then plugged in every compatible gadget I could find. In almost every case, SPP asked whether to allow or block access, and it correctly remembered what to do when I plugged in the same device again. The only quirk involved two physically identical thumb drives that once held press releases. Blocking one blocked both, and allowing one allowed both, because SPP identifies a device by its vendor ID, product ID, and serial number. These two drives had the same vendor and product—and no serial numbers. But since the current USB Mass Storage Class Bulk-Only Transport specification requires a serial number, this problem should come up only with older devices, and even then, they'd have to be otherwise identical.
Just to see what would happen, I slotted in the SD Card from a camera. As you'd expect, SPP didn't complain, because I'd already told it to allow access for the card reader itself. I then tried to block the card reader, but I couldn't. The management console doesn't offer any kind of per-device configuration adjustment, just a Factory Settings button that clears the settings for all remembered devices. But the company designed SPP to protect removable items, and for those, this isn't a serious issue. I'd like to see a list of controlled devices and be able to configure them individually, but you can change the settings for any external hardware when you plug it in. Each time you connect a device, a tooltip gives you the option of changing the remembered setting. And SPP doesn't promise to block access to memory cards; I was just pushing the envelope.
With systems old enough to have floppy disk drives, a Mata Hari can still copy your data (in 1.4MB chunks). A really brazen thief could steal data by burning it to an internal CD/DVD drive, but the software would block a plug-in burner. Both theft methods carry a far greater risk of detection, though, than does plugging in an iPod or thumb drive. In any case, Safend plans to extend SPP's protection to removable media in a future version.
Safend Personal Protector prevents theft of data through your home computer's ports, but provides quite limited security compared with the corporate version. On the other hand, it's free, and easy to use. In six months or so, Safend may charge for it. If so, I'd want the software's capabilities to expand in kind.
More Security reviews:
Final Thoughts
Safend Personal Protector
Though just a shadow of its corporate big brother, Safend Protector, Safend Personal Protector still keeps miscreants from slurping your data into an iPod or other removable device. It's very simple and, at least for now, free.