U3 devices compound these problems, since software can be downloaded on the host computer without any need for...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
administrative privileges. U3 smart drives are specially formatted USB flash drives developed for Microsoft Windows systems, and they store and execute their own applications directly from the drive. Any data written to files or the host computer's registry is removed when the flash drive is ejected. This is an administrative nightmare, since users can easily run unauthorized programs that may consume bandwidth, impair network performance or undermine productivity. And the problem isn't going to go away. According to U3, forecasts predict USB flash drive sales to grow to 150 million units worldwide by 2008, with 70% of them projected to be smart drives.
You have various options to control the use of these devices. You could disable Universal Plug and Play, a set of protocols that automatically load USB storage devices as a drive, though this is a little draconian. A better solution is to control which USB devices are allowed to connect to your systems. GFI Software Ltd.'s EndPointSecurity, for example, allows administrators to log access and monitor the activity of storage devices such as USB drives and communication devices like BlackBerrys.
I would combine this type of defense with some form of application control at the desktop. Safend's USB Port Protector, for example, allows smart storage devices to be used strictly as simple storage devices (so long as they comply with the rest of your storage policy). The tool blocks their smart functionality so that programs can't be run from the device.
To tackle security issues involving Skype in particular, I would look to review your network border controls, such as firewalls, and stop the traffic on the network. Also, visit the Skype Web site, where you'll find an administrative template file for Windows Active Directory environments, allowing you to control Skype's use. At the end of the day, though, the only way to really reduce the risk of thumb drives is to develop and enforce an acceptable usage policy for thumb drives and U3-based applications. Your staff should also be made aware of the consequences of non-compliance.
Dig Deeper on Information Security Policies, Procedures and Guidelines
Related Q&A from Michael Cobb
Open source NoSQL MongoDB database faced 30,000 insecure instances. Expert Michael Cobb explains the misconfiguration that led to this, and how to ...continue reading
A new Veracode report offers details on common mobile application security risks. Expert Michael Cobb explains these flaws, and what developers can ...continue reading
Juniper firewall products were found to have two backdoor vulnerabilities. Expert Michael Cobb explains how a cryptographic algorithm and hardcoded ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.