I know you are championing the SP2 Write protect USB drives thing as a great step in security as of late, however it is so small in scope that it is really hardly worth mentioning apart from saying it exists. Where's the security measure that stops me from hooking up a USB Bluetooth adapter and copying stuff off the box to my laptop? Even aside from adding new USB hardware, you can still pipe data out to a server on the 'net using the tools on a USB drive, and also use the tools to break the security of the system. It would really be something you couldn't rely on since someone able to get that many tools onto a CD or USB key would be capable of using privilege escalation exploits, and then be able to disable the USB write protect in the first place. It would delay someone making off with the data by like 20 minutes maybe.Originally posted here by Irongeek
Easy. Unless the person bypasses it, it will keep them from copying large amounts of company date to the USB storage device and walking out with it. Some folks are particular about who has there customer, employee and other databases. If it keeps them from copying the data and walking out with it I'd say it's a help.
This openness of access is precisely why sensitive data should never be stored on desktop systems, and should require some kind of authentication beyond basic OS authentication to get at.