Security Basics mailing list archives
Re: Flash Drive Policy
From: "Steve Armstrong" <stevearmstrong () logicallysecure com>
Date: Sun, 12 Oct 2008 12:06:46 +0100
I must take issue with your 2nd point as I believe the 'head in the sand' approach to USB devices is so 1990s. USB is used in most businesses and it will continue to increase with the demise of open network shares on Corp LANs (aka the swap share) and the introduction of desktops to the Corp environment without PS/2 interfaces.
I agree that policy and appropriate software can reduce the risk from USB devices, but that is not our call (security advisors); it's the risk owners' - who in my experience are some of those asking for them in the first place.
Steve Armstrong
Technical Security Director
Logically Secure
Tel. 01522 689799
Mob. 07970 929583
(sent from a mobile device, so please excuse any typos)

On 10 Oct 2008, at 18:53, "Jon Kibler" <Jon.Kibler () aset com> wrote:
> All,
>
> Okay, I *REALLY* hate to reply to my own posting, but...
>
> From the several off-list comments / questions I have received from this posting ("I don't see any policy information on this page, did I miss something?"), the point I was trying to make obviously got completely lost on a bunch of folks!
>
> So... in case you missed it, these are my points:
> 1) All unused USB ports should be turned off in BIOS. (And, BIOS should be locked with an administrative password.)
> 2) USB devices -- especially flash drives and other storage media -- do not, in general, have a place in the workplace.
> 3) If you absolutely must enable the use of flash drives (or other removable media), then:
>    a) They must be scanned by AV software before access is allowed.
>    b) Nothing on the removable media should be allowed to execute.
>    c) All data transferred to / from removable media must be logged.
>    d) Data exfiltration safeguards need to be applied separate from the implementation of any removable media.
>
> Where were my points buried in that page? Well, if you can plug in a flash drive and have it steal credentials from the computer with no other user interaction required, you clearly have a SERIOUS security issue that could be exploited by anyone possessing a flash drive. Need I explain more?
>
> Jon K.
>
> Jon Kibler wrote:
>> Steven Bonici wrote:
>>> I am looking for a policy on using flash drives, can someone point me to one?
>>
>> See: http://wiki.hak5.org/wiki/USB_Switchblade
>>
>> This will clearly show what should be your policy.
>>
>> Jon K.
>
> --
> Jon R. Kibler
> Chief Technical Officer
> Advanced Systems Engineering Technology, Inc.
> Charleston, SC USA
> o: 843-849-8214
> c: 843-224-2494
> s: 843-564-4224
> http://www.linkedin.com/in/jonrkibler
>
> My PGP Fingerprint is:
> BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253