Worry-Free Business Security 7, the new version of Trend Micro's small business security product, features USB device control, email data loss prevention for Exchange servers, endpoint-based URL blacklisting and integrated Mac anti-malware protection. Security companies such as Trend Micro and its most direct competitors, such as Symantec, McAfee, are targeting the small business market with products that pack a wide range of security features in a single package. While cost continues to be a major consideration, it's not the only consideration as small companies become increasingly security conscious.
"The challenge for the smaller company is, 'how do I get the best out of all the components I need?'" said Ray Boggs, VP for SMB and Home Office for IDC. "The danger of buying a la carte is that I'm really going to be challenged when comes to management." Small businesses, he said, like enterprises, are looking for ways to empower and increasingly mobile workforce in the face of mounting threats.
USB device control is common in enterprise-class endpoint data protection products, typically integrated with full disk and removable storage device encryption. The aim of device control technology is to prevent data leakage by enforcing policies around copying sensitive data to USB sticks, CD/DVDs, even MP3 players. Sophisticated enterprise device controls extend to WiFi and RF data transfer. They can be tightly integrated with endpoint DLP technology to control what can be copied and by whom, and enforce highly granular policies, for example, allowing data to be copied only to company-approved encrypted USB devices.
Small businesses that deal in sensitive data or are subject to regulatory controls, such as PCI DSS or HIPAA, often lack the technology to enforce policy and are constrained by the costs of purchasing separate products. The new Trend release addresses this by adding group-based device controls. Small businesses can allow or prohibit device use, or restrict activities based on permissions -- read, write, etc. The device control is Windows only and does not extend to Macs
The email DLP feature provides data loss prevention for small businesses in the most common source of leakage from a security and regulatory compliance perspective. Applying DLP to email invokes the 80-20 rule to staunch the most obvious outbound flow and may provide "good enough" protection for small businesses that do not need and cannot afford the cost and complexity of implementing and managing full-blown DLP. Worry-Free Business Security provides pre-populated information to search for common data types, such as credit card and Social Security numbers. IT admins and channel partners can also customize data search rules for business-specific data, for example, for small financial institutions or law firms.