RE: USB Security

["D. Weiss" <David () cawdgw net>]

I've been atoying with this idea a bit now, but haven't had a chance to
really look into and stress test it: A GPO that makes all removable drives
EFS encrypted.

Aye, 'tis true EFS can be broken, but many'd not even understand the issue.
All they'da be thinking is their USB backup files only work at work, which
what they'd be awantin' anyways, do you think? Yer thieves and rabble and
whatnot have robbed yeh blind already methinks. If it's the takin of
proprietary information they be awantin to do, I'll surely bet like on
Dilbert; twer emailed home long ago.

If yer just worried about a pesky sneaker netted virii comin under the scope
and awreaking havoc, I'd think if they can use the USB after bein EFS'd at
home, they'd abeing smart enough to AV they things anyways, don't yeh know?

Iffen any of you have been having the time to try a thing like that GPO and
got her to work, I'd be so obliged to hearing hows yeh did it, I'd drop the
corny Irish accent.

:-)

D. Weiss



-----Original Message-----
From: Gray, Steve [mailto:SGray () wakefield gov uk]
Sent: Saturday, November 20, 2004 12:15 AM
To: security-basics () securityfocus com
Subject: RE: USB Security


Hi,
This is something we are very interested in at the moment. I have found some
software, from a firm called Generix, that looks as though it will control
the use but it is difficult to get managers to pay for it. They seem to
understand risks from floppy disks and CD's, but not from USB devices. Any
practical policy guidelines to limit risks would be welcome.
Steve Gray
Wakefield MDC
--------------------------
Sent from my BlackBerry Wireless Handheld