Register

Forgot Password

Site FAQ

Home > IT Answers > Windows Server > Stop using USB in office computers

Aspire

80 pts.

Stop using USB in office computers

Active Directory, Group Policy, USB Flash drives, User Permissions

How can I define a GP so that users cannot use their USB Flash disks??

Software/Hardware used:

ASKED: July 9, 2008 7:51 AM

UPDATED: January 30, 2012 8:22 AM

RELATED QUESTIONS

Answer Wiki:

Hi Aspire, Pls find the <a href="http://support.microsoft.com/kb/823732"> Link1 </a> <a href="http://support.microsoft.com/kb/555324"> Link2 </a> from Microsoft. I hope this will for u Thanks & Regards, Vlvpk ************************************* This might also be helpful: http://labnol.blogspot.com/2006/07/how-employers-disable-usb-ports-how.html The site also has a few other security issues that employers should be aware of. ========= It is actually better to completely disable the USB port in your computer system to make sure any USB devices cannot be plugged in to the computer system. Using the group policy could sometimes create conflict that causes other programs and Windows features to stop working.

Last Wiki Answer Submitted: January 30, 2012 8:22 am by Flame

14,895 pts.

All Answer Wiki Contributors: Flame

14,895 pts. , Vlvpk

790 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Jul 14, 2008 4:13 PM (GMT)

I’m not a techie, but that looks like a very simple question which needs fuller explanation i.e. why do you want to do this in the first place? If you’re concerned about DPL (Data Leak Prevention), prepare yourself for a rocky ride as (a) it’s still a relatively new area and (b) the range of options – problems/solutions and vendors – is almost overpowering.

If DLP is an issue for you, or if you’re concerned about the introduction of unwanted material (malware, 3rd party IPR, media-rich files etc etc) then how do you know that you have a problem in the first place?

General advice I’ve seen seems to be (a) install something like DeviceWall (granular policies) to monitor what’s actually going on (b) develop an Acceptable Use Policy (AUP) and (c) implement and monitor your AUP.

Disabling USB ports disables any kind of USB device and this may not be what you (or your users or managers) intend or find acceptable.

At the other end of the scale, Cisco have a product which does everything which DeviceWall (and others do), plus can prevent emailing, printing, copying, save as from specified folder locations – so if you’re paranoid about your IPR leaving the builing, it’s possible to go into complete lock-down – you can even disable screen captures!!

Hope this help.

Cults14

70 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags