Can laptop users' offline activities be monitored?

There is a direct solution for enterprises looking to enforce a "no USB devices" policy. SearchSecurity.com's network security expert Michael Chapple provides the answer and explains how an enterprise can monitor laptop users' offline activities.

I am an information security consultant interested in monitoring laptop users' activities when they are working...

offlline. Is there a tool that I can use to push all logs on a server while a user is working from home? We have banned USB sticks in our office and monitored all email activity, but we have no control, for example, if a person transfers a file from his laptop to a USB stick from home. We want each user's actions logged on a server when that person comes to the office and connects to our LAN.

This is a tough issue! If you want to log access, you should consider deploying a configuration management product throughout your enterprise. However, it sounds like you're simply looking for a solution that allows you to enforce your "no USB devices" policy. Fortunately, Windows XP SP2 provides a direct way to solve this problem through a registry setting. You need to add a DWORD value called WriteProtect to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlStorageDevicePolicies and set the value to 1. (Note: If you don't understand that, seek assistance from someone familiar with editing the Windows Registry. Editing the registry improperly can seriously damage your operating system).

More Information

  • Visit our resource center for the latest news, tips and expert advice on how to create an effective device security policy.
This was first published in September 2006

Dig Deeper on Information Security Policies, Procedures and Guidelines



Find more PRO+ content and other member only offers, here.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: