Welcome to NBlog, the NoticeBored blog

I may meander but I'm exploring, not lost

Sep 27, 2006

Disabling USB storage

A few organizations that recognize the security issues created by USB thumb drives, hard drives, CD-RWs etc. decide to lock down the USB ports on their systems. The usual way to do this is to buy, test and install additional USB control software. A Microsoft MVP (Most Valuable Professional) has come up with a low cost solution using native Windows functionality - specifically, Group Policy. WindowsDevCenter explains how to define a policy to disable the USB storage driver. A Microsoft Knowledge Base article contains the necessary code. This looks like a viable option if you only want to turn off USB storage devices on your Windows network machines. If you need more fine-grained control such as the ability to allow read not write or to log and report use of the devices, you'll presumably still have to buy, test and install the USB control software though.
More portable IT security links