RE: USB and smart drives

["Mike" <mike () superiorholidayadventures ca>]

> Has anyone implemented a policy or process to protect networks from
> viruses
> brought in by users with USB drives, that are not company issued so no
> passwords etc.
>
> I'm thinking that AV with on access and write to disc scans should
help,
> but
> I'd like to see some of the policies others have implemented.

Policy?  "Don't bring them in.  If you do, and the network becomes
infected you lose all computer priviledges."

But that shouldn't happen (network becomes infected) if:

Process?  Have some form of anti-virus installed on all client computers
and server.  Schedule regular daily virus updates.  Schedule weekly
virus sweeps.

If your anti-virus is good, and your definitions are current, you should
be able to stop virus outbreaks.  If not, then good luck to you! :)

Mike Fetherston

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------