Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Thumb/flash drives

Status
Not open for further replies.
campyracr

campyracr

IS-IT--Management
Jun 25, 2002
288
US
Some poo-bah wants to mandate that these USB devices are a horrible security risk on the network.

I would argue that the users have the ability via: CDR, email, or even FDD to copy "sensative" information and take it out of the building.

Any thoughts to help secure the USB?
 
Sort by date Sort by votes
While at my work we do not lock down USB devices and I like it, there are counter arguments to each of the examples you gave:

CDR - This can be controlled by only installing them on a few machines and even then locking it down to where only an admin can burn.

EMail - There is at least a record here (or there can be) of who sent what sensitive information to whom.

FDD - Again, only install them on a very limited set of machines if on any at all. We don't actually install them in any desktop/laptop cpu anymore at all.


Regardless of the validity of the counter arguments, it is never a good idea to argue for allowing a security risk by pointing out that there are other risks already. Should banks stop using vaults since some people can rob banks even if they have a vault?

Again I would like to point out that we don't lock down USB devices here and I like it that way. I just wnated to point out that your argument for not locking them down is not the most viable argument around.

A better approach IMO would be to list the benefits provided by USB devices then compare that to the security risk they represent.

[red]"... isn't sanity really just a one trick pony anyway?! I mean, all you get is one trick, rational thinking, but when you are good and crazy, oooh, oooh, oooh, the sky is the limit!" - The Tick[/red]
 
Upvote 0 Downvote
Valid point. I was letting my frustration get in the way of logical thoughs.

I suppose we'll just be living on the razor's edge when it comes to that rule.
 
Upvote 0 Downvote
There are quite a few different options that may fit your situation campyracr. From a log type/audit software installed locally to network access controls - you do have some options.

For example, if you're looking for a network based solution, you can look at
Basically, it's deployed & managed directly over the network. Also, this will not only address the USB security concerns but other types of RM too (CDRW, DVD, PDA, etc...)

Good Luck.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

jimgarza
  • Locked
  • Question
Wiping AIX SSA disk drives to DOE standard 1
Replies
4
Views
43
mrn
mrn
AnotherITguy
  • Locked
  • Question
Anyone use Compusec for encrypting hard drives?
Replies
0
Views
25
AnotherITguy
AnotherITguy
prworld
  • Locked
  • Question
Stop SWF flash movies from being Cached?
Replies
4
Views
53
rtichnor
rtichnor
prworld
  • Locked
  • Question
I need to create a secure 'flash' demonstration CD 1
Replies
2
Views
55
requested89
requested89

Part and Inventory Search

Sponsor

Back
Top