By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
If you remember back to the early days of personal PCs, it was a real chore to connect a new device. It was often necessary to set jumpers, add extra serial or parallel ports, install device drivers and reboot, probably several times. Now thanks to USB, a single standardized interface socket, those days are gone. USB devices can be connected and disconnected without rebooting the computer or turning off the device. It has, of course, been widely adopted as the connection interface of choice, and according to the USB Implementers Forum, as of 2008, there are about 2 billion wired USB devices in the world.
USB, however, is only a standard to interface devices to a host computer. It doesn't provide any security features to filter the data that passes through the connection. In this respect, it is exactly the same as an Ethernet or printer cable; any device connected to a PC via a USB connection can be accessed by an application running on the host PC. Therefore, if the PC has been infected by malware, for example, the malware could access data on a portable hard drive that is connected to the PC via a USB cable. The danger could occur in reverse as well, should a U3-enabled USB drive with auto-launching applications (including malware) connect to a PC could and then access data on the host PC or logs all characters typed on the computer keyboard.
To mitigate these risks, you can disable all USB ports on a PC, but this is rarely practical because the ports may be required for devices such as keyboards and mice. If your organization runs a Windows-based network, then you can control USB drives using Active Directory. Individuals and groups that do not need to use a USB drive can be denied access to the ubstor.pnf and ubstor.inf files through an Active Directory group policy. New to Windows Vista, an administrator can now allow users to install only devices that are on an approved list or deny read or write access to devices that are removable or that use removable media. There are also third-party programs that provide a range of access controls for USB drives.
Hopefully, you can see that USB is merely a means to connect a device to a PC, not to control what the device does. In order to protect the USB device, you will need to provide security measures, which should, of course, be supported by policies that cover and clearly communicate the appropriate use of USB devices.
Dig Deeper on BYOD and mobile device security best practices
Related Q&A from Michael Cobb
A technique known as the GhostHook attack can get around PatchGuard, but Microsoft hasn't patched the flaw. Expert Michael Cobb explains why, as well...continue reading
Software developed by the hacking group Platinum takes advantage of Intel AMT to bypass the built-in Windows firewall. Expert Michael Cobb explains ...continue reading
Tensions between the U.S. and Russia have led to source code reviews on security products, but the process isn't new. Expert Michael Cobb explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.