Disable USB

  • Thread starter Thread starter Jim
  • Start date Start date
J

Jim

Looking to disable USB in our domain to stop users from
attaching USB flash Drives. Can't seem to find any info
on this.

Thank you in Advance!
 
Hi Jim-



If your users have local Administrative access so that they can install

hardware then they will be able to do this.



The answer (I suspect you know this already) is to not allow local

Administrative access for the domain users.



You may consider editing the security settings in Computer

Management->Removable Storage->Properties->Security and removing or denying

access for all, but this is all or nothing for ALL removable storage. That

would prevent use of CD-ROM as well.



The reason it must be set for all removable storage is that an unattached
device will not appear as selectable to edit it's security.



This is all moot if the users have administrative access since they can edit
the security on Removable Storage themselves (if they know how).
 
There are no Microsoft supported ways of blocking access to USB devices at
this time (Currently), there are however third party tools which can provide
this functionality:

http://www.protect-me.com/dl/ I do not think this one supports a white list
of acceptable devices.

http://www.securewave.com/products/securent/index.html I have seen this one
successfully implemented at high security locations with good results but
that is one persons opinion and not that of MS.

I am sure there are others but they are the ones I know of off the top of my
head.



Buz Brodin
MCSE NT4 / Win2K
Microsoft Enterprise Domain Support

Get Secure! - www.microsoft.com/security

This posting is provided "as is" with no warranties and confers no rights.

Please do not send e-mail directly to this alias. This alias is for
newsgroup purposes only.
 
Back
Top