Fujitsu announced the development of two new technologies designed to prevent the unwanted disclosure of data from lost universal serial bus (USB) memory devices and prevent uploads to file-sharing networks.
The USB memory device technology after a fixed period of time automatically erases data stored on the USB memory. The file redirect technology ensures that the data from the USB memory device can only be stored on a specified server. This creates a secure environment that protects confidential information and allows USB memory devices to be used as a convenient way to safely carry customer data back to one’s own company to manage the data.
Portable storage medium devices such as USB memory devices are convenient for carrying information from the office to the home, but they can be lost or stolen during transit, or data stored on the devices can be leaked via a file-sharing network when viewed from personal PCs at home.
Among the methods some corporations are using to address the problems of the loss or theft of portable storage devices – or the sharing of information stored on such devices – are forbidding employees from taking work-related notebook PCs home, or by insisting on thin clients that pass all traffic through controlled servers. In order to be able to securely transport and use confidential internal or customer data two conditions must be met: in the event that the USB memory device is lost or stolen, the data should not only be encrypted, but should automatically be deleted; and confidential data should be prevented from being copied except on predefined USB memory devices or servers.
Fujitsu Laboratories and Fujitsu Laboratories of America have co-developed an environment that enables data to be carried outside of a company safely and in compliance with the company’s security policy.
The unique USB memory device prototype contains a processor and battery. After a fixed period of time, if the USB memory device is plugged into an unauthorized PC, the data can automatically be erased or the USB memory device can be rendered unusable. For example, the USB memory device can be set up with a policy whereby the data will be automatically deleted after 24 hours, or it will be deleted if the USB memory is plugged into an unregistered computer even once. By storing and carrying data on a USB memory device that allows for this type of security setting, in the event that the USB memory device is lost, the data stored on it will be automatically deleted and thus enable strict security.
Together with the self-erasing USB memory device, installing the file redirect software on a PC can be used to restrict the copying of data from the USB memory device, forcing it to reside only on the USB memory itself and a specific company server. This can also be used to prohibit confidential data from being sent as an e-mail attachment or from being printed. Since confidential data is prohibited from being written to the hard disk drive of the PC, it prevents data from being stored on PCs or USB memories and later transferred to file-sharing networks, whether by accident or intentionally.
The combination of the aforementioned two new technologies makes it possible for data to be carried inside or outside a company securely.
Currently, this technology is undergoing internal trials at Fujitsu in relation to project-management services. Following these internal trials, verification tests will be executed to target commercialization. Fujitsu Laboratories will plan to expand application of this technology for practical information-centric security measures to prevent leaks via e-mail and other network channels and to address the issue of leaks through sub-contractor environments as well.