Security, et al

As you know I view compromised user endpoints (aka workstations and laptops) as the biggest risk facing us today.  And that’s why I love application control (aka whitelisting) from UWS sponsors like (Lumension and Bit9+CarbonBlack).  But there’s one single silver bullet – defense-in-depth right?  One of the scary things bad guys can do once they have code running on your user’s endpoint is log key strokes, change your keystrokes and record (aka scrape) your screen – and even potentially re-write your screen. So it was cool when, while wondering the booths at RSA 2015 I met Mark L. Kay, of StrikeForce Technologies, who is a kindred soul on this concern.  Their GuardedID software is designed to prevent “malicious keylogging programs by encrypting every keystroke at the point of pressing the keys, and rerouting those encrypted keystrokes directly to your Internet Explorer browser through its own unique path”.  The products appear to be targeted primarily at consumers but Mark told me they do have enterprise customers and their website does have an Enterprise section showing how to deploy GuardedID by group policy.  If you are at RSA 2015 check them out at booth 1227 in the South Hall.