ZENworks Endpoint Security Management

USB and Removable Media Security - ZENworks Endpoint Security Management

Extra security for even the smallest of removable devices.

The amount of data that can be quickly copied to removable storage devices is increasing every day. While these devices can significantly boost productivity, they can also poke dangerously large holes in data security and control policies. Threats caused by these devices include:

  • Malicious users copying large amounts of data with no audit trail
  • Well-intentioned users misplacing or throwing away devices containing sensitive information
  • Viruses or other malicious code being introduced to the network via contaminated devices
  • Violations of HIPAA, SOX, GLBA, or other regulations due to sensitive data being copied and transported unencrypted


ZENworks® Endpoint Security Management provides USB security features that allow administrators to protect corporate data and assets both inside and outside the corporate security perimeter with powerful solutions such as full disk encryption, personal firewall, and anti-malware.

With advanced, patent-pending, location-aware technology, ZENworks Endpoint Security Management enforces highly customizable storage device security policies on Windows 2000, Windows XP, and Windows Vista machines. These policies are centrally managed, automatically distributed to users or machines, and continuously enforced—always and everywhere—without user intervention.

ZENworks Endpoint Security Management delivers powerful and granular data security storage device control

ZENworks Endpoint Security Management provides administrators control over the use of local optical media and all attached storage devices:

  • CD-R/W, DVD+/-R/W
  • USB thumb drives
  • floppy drives
  • flash memory cards
  • zip drives
  • SCSI PCMCIA cards
  • MP3 players
  • other removable media types


Administrators can set policy-based restrictions on device access privileges. This protects the integrity and confidentiality of data on the endpoints, while at the same time protecting the endpoint from the introduction of malware and of any other unauthorized activities.

Serial-number-based control. ZENworks Endpoint Security Management delivers granular control over which devices are allowed, blocked, or set to read only. A separate utility is also available for capturing device names and serial numbers in a master list that can then be imported into a policy.

Protection against unauditable transactions. ZENworks Endpoint Security Management protects against the introduction of local storage devices that can copy data without leaving an audit trail. These transactions are blocked by either completely disallowing use of such devices everywhere, or by disallowing their use based on an endpoint's network location.

Storage devices can be placed in read-only mode or fully disabled, while the endpoint hard drive and all network drives remain accessible and operational.