This is a tough issue! If you want to log access, you should consider deploying a configuration management product throughout your enterprise. However, it sounds like you're simply looking for a solution that allows you to enforce your "no USB devices" policy. Fortunately, Windows XP SP2 provides a direct way to solve this problem through a registry setting. You need to add a DWORD value called WriteProtect to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlStorageDevicePolicies...
and set the value to 1. (Note: If you don't understand that, seek assistance from someone familiar with editing the Windows Registry. Editing the registry improperly can seriously damage your operating system).
- Visit our resource center for the latest news, tips and expert advice on how to create an effective device security policy.
Dig deeper on Information Security Policies, Procedures and Guidelines
Related Q&A from Mike Chapple, Enterprise Compliance
Should companies obtain U.S. security clearance to join the Enhanced Cybersecurity Services program? Mike Chapple offers his perspective.continue reading
Does a Web application security assessment termed 'compliance ready' seem too good to be true? Learn its role in an enterprise compliance program.continue reading
Learn how hiring the right PCI DSS-compliant service providers, especially payment services providers, can reduce your compliance burden.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.