Restrict USB Storage Devices in an Enterprise Environment

[IAmATeaf]

I mean all this talk of limiting infected files entering the network via usb storage devices...what if someone whacks in a cd...I take it the OP controls that already there.

Well Sanctuary allows control over cd/dvd and cd/dvd writers.

[Moby-Dick]

I mean all this talk of limiting infected files entering the network via usb storage devices...what if someone whacks in a cd...I take it the OP controls that already there.

Limiting infected files is part of the problem , but in an enterprise environment its data transfer the other way thats more of an issue. ie. you dont want anyone walking of with a copy of your CRM database for example ( if your system was so open that you'd allow users to be able to do so )

[EvilMunky]

I mean all this talk of limiting infected files entering the network via usb storage devices...what if someone whacks in a cd...I take it the OP controls that already there.

I removed the CD drives.

As for the data - well thats a manageable risk. People with access to data are trusted with it and could take it on a pen drive / cd from a machine which is authorised.

People that we don't know and trust, dont have access to the data in the first place.

[pendulum666]

Limiting infected files is part of the problem , but in an enterprise environment its data transfer the other way thats more of an issue. ie. you dont want anyone walking of with a copy of your CRM database for example ( if your system was so open that you'd allow users to be able to do so )

Yeah thats a good point well made. An entire export of a company's CRM DB could fetch a lot of money on the black market and massively damage them.