Vendors often distribute USB drives as gifts, while some would argue that this is a bad idea because they can introduce...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
risks into an environment. What exactly are these risks and how can they be avoided?
USB drives and other so-called thumb drives do pose a real network security risk. They have become so inexpensive that they are often used as promotional gifts. Although they can be useful, they can harbor confidential data or introduce malicious code to a network. Next-generation U3 smart devices pose an even greater risk because they store and execute their own applications directly from the drive. Software programs can be downloaded onto them without any requirement for administrative privileges on the host computer. As you can imagine, this is a potential administrative nightmare, since users can easily run unauthorized programs that may consume bandwidth, impair network performance and generally undermine productivity.
There are various options for controlling the use of these devices. One is to disable Universal Plug and Play, which automatically loads USB storage devices as a drive, though this method is a little draconian. A better solution is to control which USB devices are allowed to connect to your systems. GFI EndPointSecurity, for example, allows administrators to manage and log access and activity of storage devices such as USB drives, as well as communication devices like BlackBerrys. I would combine this type of product with some form of application control at the desktop. Safend Protector, for example, allows smart storage devices to be used as mere simple storage devices -- so long as they comply with the rest of your storage policy. The tool also blocks smart functionality so that programs can't be run from the device. Finally, if you are thinking of upgrading to Windows Vista, check out its built-in USB device control features.
Learn more about controlling U3 smart drive use in the enterprise.
Enforce a "no USB devices" policy.
Dig Deeper on Information security policies, procedures and guidelines
Related Q&A from Michael Cobb
Running a private certificate authority can pose significant risks and challenges to meet baseline requirements. Michael Cobb explores what ...continue reading
A recently discovered Android app permissions flaw can expose users to attacks. Michael Cobb explains what the risks are and how Android O security ...continue reading
An ImageMagick vulnerability known as Yahoobleed could give hackers access to Yahoo servers. Expert Michael Cobb explains the flaw and how Yahoo ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.