Under Review

USB Device control option


Userlevel 1
Blocking usage of USB devices can help businessed reduce threat surface.
Mayeby this could  be done by utilizing local machine group policy capabilties at least on windows machines.

3 replies

Badge
+1 vote
Userlevel 7
Badge +31
All,

I'm interested in understanding more about your requirements for this request. From other customer interactions, control of USB mass storage devices is the highest priority item to deal with when looking at USB device control. For USB Mass storage, do you want :-

  • Report what is being used
  • Switch use of USB mass storage devices Off / On
  • Deny all USB mass storages devices apart from those on a ( Admin defined ) approval list
  • Any combination of the above
  • Something else

Please do let me know as this is an active area of research at the moment.


Regards

Jonathan Giffard
Badge
For us, a usage report is not required, only an alert if any installation is attempted.

Yes - USB mass storage devices. Right now we're using Ratool here...
https://www.sordum.org/8104/ratool-v1-3-removable-access-tool
whic works well. Mainly we go into the options of it and disable autorun.inf, disable installation of new devices, and block write access. I'm sure it just changes some simple registry values, but we didn't want to research it.

Admin approval list would be great.

I recommend checking out Ratool to see what they've done.

Reply