Security risk and back door access for USB netowrk devices

[Richiesmith]

I have a site wide issue were users can access the internet using USB Modems
/ Network cards.

I want to disable to capability due to some recent security treat that
entered our network. All PCs use USB K/K and mice there fore disabling UBS is
not an option.

I believe doing some work on IPSEC can resolve this issue but I cannot
figure it out..

Please advice.
Thanks..
I have a site wide issue were users can access the internet using USB Modems
/ Network cards.

I want to disabel to capability due to some recent security treat that
entered our network. All PCs use USB K/K and mice there fore disabling UBS is
not an option.

I beleive doing some work on IPSEC can resolve this issue but I cannot
figure it out..

Please advice.
thanks..

Richie Smith

 

[David H. Lipman]

From: "Richiesmith" <[email protected]>

| I have a site wide issue were users can access the internet using USB Modems
| / Network cards.

| I want to disable to capability due to some recent security treat that
| entered our network. All PCs use USB K/K and mice there fore disabling UBS is
| not an option.

| I believe doing some work on IPSEC can resolve this issue but I cannot
| figure it out..

| Please advice.
| Thanks..
| I have a site wide issue were users can access the internet using USB Modems
| / Network cards.

| I want to disabel to capability due to some recent security treat that
| entered our network. All PCs use USB K/K and mice there fore disabling UBS is
| not an option.

| I beleive doing some work on IPSEC can resolve this issue but I cannot
| figure it out..

| Please advice.
| thanks..

| Richie Smith

How about a complete re-write so people can understand what you are trying to express.

 

[Steve Riley [MSFT]]

How do you know the "security threat" was the result of the specific user
behavior you describe? What is this "security threat"?

Sounds to me like you've got a human problem, not a technical one. If your
users are wantonly installing their own hardware, take a moment and think
why this is happening. Are they just goofing off (a human/management
problem), or do they need Internet access to get their jobs done (another
management problem)?

 

[Anteaus]

Strikes me this is more of a disciplinary matter than an IT one. The best
approach to such issues is, I find, to make it clear that such activities
WILL be detected, and that an unpleasant experience will follow for the
perpetrator.

Eyes glowing, he dons his hand-device...

 

[David H. Lipman]

From: "Anteaus" <[email protected]>


| Strikes me this is more of a disciplinary matter than an IT one. The best
| approach to such issues is, I find, to make it clear that such activities
| WILL be detected, and that an unpleasant experience will follow for the
| perpetrator.

| Eyes glowing, he dons his hand-device...

This comes under the header of creating an "Authorized Use Policy" and having all
employees sign it.

 

[Richiesmith]

From: "Anteaus" <[email protected]>


| Strikes me this is more of a disciplinary matter than an IT one. The best
| approach to such issues is, I find, to make it clear that such activities
| WILL be detected, and that an unpleasant experience will follow for the
| perpetrator.

| Eyes glowing, he dons his hand-device...

This comes under the header of creating an "Authorized Use Policy" and having all
employees sign it.