Schmidtw   10505 pts.  |   Aug 6 2009  5:31PM GMT

I thought I would add a little bit more detail.

Most of what we do is confidential and because of that, we cannot allow users to track information around via flash drives. The user may be trustworthy…but that does not guarentee that any system the flash drive comes in contact with is secure.

Hope this helps!

-Schmidtw

BlankReg   11280 pts.  |   Aug 7 2009  9:42AM GMT

Where I work it is viewed that the flash drive is the most likely carrier of infection (virus, trojan etc) so it is forced to be scanned before it is allowed to be accessed on the PC. But theri use is allowed.

I suspect there is likely to have been a policy in the past for floppy disks, at most companies. I guess the same policy should apply to flash drives, which are mostly used as big floppy drives.

I think that in Schmidtw’s environment, their policy is perfectly correct, the risk is seen as data theft or security, our environment is not so sensitive, and tries to protect the systems, as much as the data on them.

You need to look at your environment, and make a calculated decision as to the security risk, and that will depend on your particular company and the work it does as much as anything else.

KevinBeaver   7610 pts.  |   Aug 7 2009  1:23PM GMT

Here’s a sample security policy template that may help. Good luck trying to enforce this. Your best bet is going to be some sort of endpoint security app that prevents/enforces/etc.