Product Reviews & Quotes

Protecting Portable Storage Devices
Processor Magazine -  12/12/2008

Keep Tabs On Your Data

Protecting Portable Storage Devices

Robyn Weisman
Processor Magazine
12/12/2008

For most people, portable storage devices—be they a thumb drive dropped in a pocket or a smartphone that provides Exchange access along with restaurant reviews—rank at the top of technologies that have improved their lives. But they can be a curse to IT managers because employees often access enterprise data, only to lose it or have it stolen.

“The further you get from the server, the less actual control you have over [data],” says Gary Streuter, vice president of marketing at storage solutions provider CMS Products (www.cmsproducts.com). “You can lock up the servers, but client-side machines sitting out in an office are harder” to monitor, which means an employee might easily download something from his office computer to a USB key without your being the wiser—unless, of course, you keep some of these tips in mind.

Encryption Is A Must

According to Streuter, organizations are increasingly moving toward encryption as a way to keep mission-critical data out of the wrong hands. “Let’s assume you’re an accountant, and you’ve decided to work out of the house tomorrow, so you take a thumb drive and you download the payroll files on it. It falls out of your purse,” Streuter says. Whoever finds the thumb drive could conceivably retrieve employee Social Security numbers and bank accounts for automatic deposits, among other things.

Encrypted data requires a password to unlock that drive. And while passwords can vary in strength, most would-be thieves tend to go for low-hanging fruit, so chances are the person who finds an encrypted drive will ignore it or toss it out.

Leverage Your Security

Sean Martin, vice president of marketing at endpoint security solutions provider SkyRecon (www.skyrecon.com), points out that you should remember to leverage what you do from a systems protection perspective together with protecting portable storage devices from data theft and loss.

In other words, use the antivirus protection, host intrusion protection, and related technologies you have in place to make sure your information is also shielded from attack and compromise from malware and other threats. “Malware on the device could be another entry point just like floppy drives of years ago,” says Martin. “You want to protect your environment from attack through the device.”

Associate Devices With Specific Users

Martin says associating a portable storage device with a specific user helps to guard against threats, particularly ones from inside the company. For example, only the financial officer can use his own serial-numbered USB drive on his machine. “This effectively means the officer can’t go to a different machine and steal data if he wanted to. This locks the device to person and machine, ensuring his data is used by him on these devices,” says Martin.

This strategy also prevents someone from taking her storage device and plugging it into another machine or logging into her PC as a guest to get around the system, which helps stave off any insider theft of data, says Martin.

By using the serial numbers and vendor ID numbers of portable storage devices, a good third-party security solution will allow you to dictate which numbers can be used to access your network, says Nick Cavalancia, vice president of Windows management at Windows network management solution provider ScriptLogic (www.scriptlogic.com). “This restricts employees from bringing in a rogue portable storage device to download data,” Cavalancia says.

Consider Third-Party Software

Cavalancia points out that Microsoft Windows’ built-in Group Policy controls provide a blanket all-or-nothing lockout on USB storage; however, these controls may not be sufficiently granular for many organizations, which might want to allow a CFO greater access to files than a payroll clerk.

Third-party software can provide you with “the power to set policies allowing some users to have read-only access on available devices, completely allow or deny access for others, and enforce device lockdown for both local and remote users,” says Cavalancia. “Businesses can look for software solutions that can lock USB ports or have permissions and policies in place that can control who can have access to which files, where, and when.”

Track Data Leaving Your Network

CMS Products’ Streuter recommends having some type of data-tracking application that can tell you the parameters of a given file, including its name, size, the time it was downloaded, and who was logged onto the computer when it was downloaded.

For his part, Cavalancia says that because breaches will happen despite anyone’s best efforts, data-tracking applications should also have reporting and alert capabilities, so that you can locate any individual who has inappropriately downloaded information. “Central reports will also allow administrators to see all attempts at restricted activities, [and forewarn] users with desktop alerts that they are performing a restricted operation, such as connecting an unauthorized USB stick, iPod, laptop, or PDA,” says Cavalancia.

CMS Showcase Products
Database and Network Journal -  10/1/2008

The CE Secure Encrypted solutions offer user friendly and easy to install information storage.

CMS Showcase Products

Database and Network Journal
10/1/2008

CMS Products Inc recently showcased the ABSplus and CE Secure Encrypted Storage product ranges. Both new solutions offer users simple ways of dealing with complicated problems such as backup, recovery and encrypted information storage. The ABSplus backup and recovery solution comes in two formats, a light and pocket sized mobile device, which connects via a USB port, or it can be installed directly into the hardware on any desktop PC. Once connected, the it will offer full system backup to all partitions in all native file formats, including emails.

The CE Secure Encrypted solutions offer user friendly and easy to install information storage. The CE Vault Software allows customers to create encrypted areas on a hard or USB flash drive. The 'vaults' can be attached to emails, meaning users can send secure and encrypted information over emails.

Another Option for Laptop Security
Web Worker Daily -  8/18/2008

CMS has been making drives with hardware-based AES encryption for a while now; this kit makes it possible to get one of their drives into your laptop without losing data.

Another Option for Laptop Security

Mike Gunderloy
Web Worker Daily
8/18/2008

We’ve looked at laptop security several times - it’s a critical issue of those who are mobile with our (or our clients’) critical data. CMS Products is out with another solution in this area: the EasyEncrypt Upgrade Kit. CMS has been making drives with hardware-based AES encryption for a while now; this kit makes it possible to get one of their drives into your laptop without losing data.

The basic idea is simple: they send you a drive, enclosure, and software. You use the software to clone your old drive on to the new one, encrypting it in the process. Then you put the new one in your computer, and mount the old one in the enclosure, giving you extra storage for low-risk files. The whole kit costs $299 with a 160GB 2.5″ drive, and is available for Windows only.

CMS Products Offers SMEs Up-To-Date Technology & Data Security
Processor Magazine -  8/15/2008

Nothing is mission-critical until your computer is down. It doesn’t matter where you are or what’s caused it; once that happens, all you want is your data.

CMS Products Offers SMEs Up-To-Date Technology & Data Security

Elizabeth Millard
Processor Magazine
8/15/2008

SOME VENDORS MULTITASK so much that they sacrifice having specialized knowledge or product lines that evolve in a robust, relevant way. But at CMS Products (www.cmsproducts.com), tackling a trio of technology areas has allowed the company to thrive and focus on better serving its small to midsized enterprise customers.

Founded in the early 1980s, the company has always focused on storage but was mainly a distributor for large enterprises such as Seagate until 1999, when management executives decided to buy out the firm and change its strategy, aiming toward providing services for SMEs and government clients. Since then, effort has gone into three main areas, notes Gary Streuter, vice president of marketing: technology upgrades, disaster recovery, and data security through encryption. All three areas are under the umbrella of “business continuity,” says Streuter: “Nothing is mission-critical until your computer is down. It doesn’t matter where you are or what’s caused it; once that happens, all you want is your data. We help to minimize the chances that a computer goes down, but if it does, we can help with recovery.”

Product Lineup
A small but steady slice of CMS’ work is in notebook hard drive upgrades and data transfer kits, Streuter says. Mainly, it’s fairly standard stuff for users who want more memory or faster processing speed. More energy, though, is put in to its backup products and disaster recovery services. Last year, CMS released a new portable data backup, called ABS-Secure, that includes SATA hard drives and contains the company’s BounceBack Express data backup and disaster recovery software. It’s an example of how the vendor is integrating its expertise into a unified, coherent product.

BounceBack is the company’s flagship product, developed in 2001, with subsequent improvements that have made it a compelling disaster recovery tool, Streuter believes. There are several editions ranging from the Express version, which allows for documents-only backups, up to the server edition, for SMEs that want full system “spare drive” backups. The software creates an exact image of the system drive, Streuter notes. Although  there are other imaging products on the market, he emphasizes that BounceBack is unique because CMS maintains the program so it continually updates. “If a change is made in the data or the system, it’s changed in the image,” he says. This prevents IT from having to continually image systems on a regular basis.

Due to launch next month is the latest iteration of BounceBack, version 9.0, which allows for connection to an external device in order to run the software. If an internal drive dies or gets a virus, an employee can restart the system from the external USB drive, Streuter says.

Store House
For additional backup needs, the company offers products in three main categories: mobile, encrypted, and redundant. These can intersect, although each has its own particular demands. For example, a laptop crash may require that IT walk an employee through reloading system files from corporate image CDs because the employee might be at home or traveling on business. But if this type of reload is done, any recently created files might be missing.

To alleviate the chances of that situation, CMS offers ABSplus, an automatic backup system designed for mobile workers that couples ruggedized hardware with client backup software that’s fully bootable. If a crash occurs, a company’s employee can plug the drive into any working computer to access the data because the software saves the data in a native file format. Or, the employee can use a bootable rescue CD in the event of a corrupted primary hard drive or even do a drive swap if the hardware is completely kaput.

Encryption is included in several CMS products, but one notable item for telecommuters in particular is the Vault OTG encrypted Flash Drive, which is true to its name: The storage device offers 256-bit AES encryption in a flash drive with the promise of fast data transfer and secure files. For redundant backup, there’s the Velocity2, which includes BounceBack Enterprise Server software for more efficient management. When the appliance is set in RAID 1 mode, it keeps an identical mirror copy of the primary backup drive. If there’s hardware failure or data corruption, an IT manager has that drive to use for disaster recovery. Also handy is the ability to set backups to run automatically according to the company’s preferences.

Remote Help
Most of the services and products from CMS are used by those who work outside the office or at companies that don’t have a traditional office setup. For example, the firm has a number of oil companies as clients, with customers requesting disaster recovery or encryption services from the rough-and-tumble environment of an oil derrick. The majority of customers, though, are telecommuters or salespeople who go into the office only occasionally. As the price of gas increases and companies look to meet the needs of their employees who ask for flex time, Streuter believes that the number of telecommuters will rise, which is cause for concern at any data center, he notes. “If you have 25 employees working outside of the office, they’re at risk, and when a hard drive breaks, it’s going to be challenging for the IT group,” says Streuter. The usual procedure has been to box up a laptop and call FedEx to ship it out, but that leaves days of no productivity, or at least a lag time if an employee can’t have access to data or is unable to come into the office for another laptop. Streuter says, “As we see a more distributed workforce using mobile applications and technology, the demand will grow for products like ours that can do fast backup and disaster recovery.”

CMS Launches Line of Vault OTG Encrypted Flash Drive
Techlime.com -  8/7/2008

CMS Products has unveiled a new line of encrypted flash drives called the Vault OTG (On The Go).

CMS Launches Line of Vault OTG Encrypted Flash Drive

Techlime.com
8/7/2008

CMS Products has unveiled a new line of encrypted flash drives called the Vault OTG (On The Go).

The new CMS flash drives come pre-loaded with AES (Advanced Encryption Standard) 256-Bit encryption by installing the company’s award-winning CES Secure encryption software.

The Vault OTG flash drives support Windows-based systems (especially Windows Vista, XP and 2000). Here are the some important advantages of the FIPS compliant CMS Vault OTG Encrypted flash drives:

    * Auto-launch unlock
    * Automatically locks when unplugged
    * Leaves no footprint on your system
    * Protects sensitive data from prying eyes

Gary Streuter, vice president of marketing at CMS Products, mentioned, “We are absolutely confident that our new ‘Vault OTG’ solution will be a ‘must have’ product for anyone who needs to transport data in a completely secure environment. The strong AES 256-bit encryption combined with the Vault OTG’s easy-to-use interface allows even computer novices to secure their data against unauthorized access. No footprint or ‘trace’ is left on the system when the ‘Vault OTG’ is used. Should the flash drive be misplaced or stolen, the 256-Bit encryption scheme continues to protect the data on the ‘Vault OTG,’ even under the most hazardous conditions.”

In addition, the self-contained CMS Vault OTG makes use of a quick pass phrase set-up before using the drive for the first time, ensuring tenable access to the data on the flash drive. Supporting a USB 2.0 interface, the flash drive promises to provide high transfer rate.

Backed by a limited three-year warranty, the Vault OTG flash drives come in different storage capacities such as 1 GB for $45 (approx. Rs. 1,903), 2 GB for $65 (approx. Rs. 2,750), 4 GB for $95 (approx. Rs. 4,017) and 8 GB for $145 (approx. Rs. 6,135). This latest series of encrypted flash drives can be yours’ by visiting CMS’ official website or from leading resellers.