The Office of Management and Budget M-06-16 Mandate requires agencies to establish safeguards for sensitive agency data on laptops and workstations. To achieve compliance with the M-06-16 Mandate, agencies must enforce security measures that safeguard the integrity and availability of sensitive agency information at the endpoint.

Lumension’s Endpoint Security Helps Agencies Comply with M-06-16 for Endpoint Security

Lumension® Device Control ensures confidentiality and integrity of agency data on laptops and workstations by enforcing encryption when these data are copied to removable devices (e.g., USB flash drives) and/or media (e.g., CDs/DVDs), and by controlling what devices are used by whom and on what machines. Lumension® Device Control helps agencies prove M-06-16 compliance through bi-directional shadowing capabilities which detail what information has been transferred from a workstation to removable devices and/or media, and vice versa. With Lumension® Device Control, only authorized users can copy data onto encrypted removable devices and/or media with complete auditing of that action.

By employing a whitelist approach, Lumension’s security management solutions are uniquely capable of enforcing application and device usage and control policies that allow only authorized applications and devices to run on or connect to a network, server, terminal services server, laptop, thin client or desktop. This facilitates security and systems management while giving the agency the flexibility to easily enable the use of new or upgraded applications or devices.

Through policy-based control at the endpoints to monitor and control the inbound and outbound flow of sensitive agency information, Lumension® Device Control complements organizations’ M-06-16 compliance strategy by implementing the proper internal safeguards around application and removable device use:

| M-06-16 Requirements | How Sanctuary Addresses M-06-16 Requirements |
| --- | --- |
| Encrypt all data on mobile computers/devices which carry agency data unless the data is determined to be non-sensitive. | Secures sensitive agency data by encrypting data that is moved onto a removable device. |
| Log all computer-readable data extracts from databases holding sensitive information and verify each extract including sensitive data has been erased within 90 days or its use is still required. | Provides comprehensive audit logs that detail what data has been moved onto a specific device and by which user. |