Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: use of USB drives

  1. #11
    The Iceman Cometh
    Join Date
    Aug 2001
    Posts
    1,209
    I recently helped migrate a small business to Sanctury Device Control by Kanguru Solutions. It was simple to set up, very cost effective and, at least so far, very efficient at locking out unwanted access to devices attached to the networked systems. Everyone else has made valid points as well, but if you need an all-in-one solution that's simple to manage, this may be a good way to go.

    AJ

  2. #12
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    I forgot to mention this, but squirting epoxy resin into the ports is probably the quick and nasty solution.

    But don't forget the other vectors that have been mentioned.

    Perhaps you should review your security policy as well, and make sure that only people who actually need to have access to your data can access it, and with the minimum authority appropriate to their function.

    You might also get HR to review their recruitment and vetting policy and your terms and conditions of employment.

    At defence sites over here you bring an unauthorised recording device, computer device, camera, thumb drive etc onto the site, then it is instant dismissal at the very least.


  3. #13
    Banned
    Join Date
    Jul 2005
    Posts
    511
    You want a simple solution? Lock up the hardware! Literally!
    What you need to have is some safe or a closet with a lock on it. Put the PC in this safe and drill a few holes in the safe so the keyboard, mouse, power, network and monitor cables can still be connected to this system. And maybe an opening for the user to press the Power switch of the computer. Then lock this safe...

    The advantage of this system is that whomever is responsible for the hardware maintenance, they can still access the computer since they have the key. The user, however, cannot. Even if the user has administrator rights, he still can't connect any hardware to the system thus he has no "physical" access to it. Yet the system is in no way crippled by some software or hardware solution.

    And what if the user breaks open the lock of the safe? Well, it doesn't have to be strong enough to keep out any thieves. A simple wooden box would be more than enough. But when you discover that a user has been tampering with the lock, you should have a serious discussion with that employee, about breaking office materials...

    And keep in mind, a system can always be hacked, especially if the hacker has physical access to the system. By building it into a safe, this physical access will be denied.
    Of course, make sure your users aren't administrators on their own machines or they could bypass many other security measures you've set up. And make sure that any hubs and switches are also locked away safely, so no user can plug out a cable and replace it with it's own...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •