Strengthening USB Device Control to Ensure Operating System Security

  
As prices have fallen, USB devices have become more common. Today we will talk about how to manage the security of USB devices.

The USB port has clear advantages and is a fact of modern IT life, but that also makes USB a headache for every IT manager.

We need to rely on the USB port and keep it safe. I believe that blocking every use of the USB port is not a solution.

The control of USB ports on Windows XP and Windows Server 2003 systems is quite limited. You can disable the port or make it read-only, but there is no finer control over which devices or file types are allowed. However, a large number of third-party applications can help us control USB ports to varying degrees. One that the author likes is USB Secure Storage Expert (USSE), USB port monitoring software developed for strict control of data security for enterprises or individuals. It can control the read and write permissions of USB storage devices at will. USB Secure Storage Expert can also control reading and writing for specific USB storage devices (writes to the identified storage devices) and transparently encrypt USB storage devices.

One of the features of the USB specification is that each device tells the system what kind of device it is as part of the process of connecting. Some manufacturers take advantage of this to let you block certain types of devices on a particular port. For example, you can choose to allow a USB mouse on any port, but never allow a flash drive. The principle of least privilege absolutely applies to the USB port. In general, the question should not be “What do we need to block?” but “What can we allow?”

Some manufacturers go further with the allowed controls, letting you require that a specific device with a specific serial number, tied to a specific user, be used on a specific port. You can also mark certain devices as read-only or set which types of files can be read or written via a specific USB port. This helps prevent two risks: one is someone loading malicious programs into the system through the USB port, and the other is an unauthorized person taking data out. For example, a user may be allowed to download Excel (.xls) or Word (.doc) files, but not database files. USB Lock RP is one such program.
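The default-deny model described in the two paragraphs above, as an added example that is not taken from any of the products named here: a small Python policy evaluator. The class codes are the USB-IF base class values; the serial numbers, user names and function names are constructed for illustration.

```python
import os
from dataclasses import dataclass

HID, MASS_STORAGE = 0x03, 0x08  # USB-IF base class codes

@dataclass(frozen=True)
class Device:
    """Identity a device reports about itself while connecting (self-reported, not verified)."""
    usb_class: int
    serial: str = ""

@dataclass(frozen=True)
class StorageGrant:
    """One registered storage device, bound to one user."""
    serial: str
    user: str
    read_only: bool
    extensions: frozenset  # file types that may be written to the device

# Constructed sample policy: classes allowed on any port, plus per-device grants.
ALLOWED_CLASSES = {HID}
GRANTS = [
    StorageGrant("SN-EXAMPLE-0001", "alice", False, frozenset({".xls", ".doc"})),
    StorageGrant("SN-EXAMPLE-0002", "bob", True, frozenset()),
]

def find_grant(dev, user):
    # An empty serial never matches: unidentifiable storage stays blocked.
    for g in GRANTS:
        if dev.serial and g.serial == dev.serial and g.user == user:
            return g
    return None

def connect(dev, user):
    """Default deny: anything not explicitly allowed is blocked."""
    if dev.usb_class in ALLOWED_CLASSES:
        return "allow"
    if dev.usb_class == MASS_STORAGE:
        g = find_grant(dev, user)
        if g is not None:
            return "read-only" if g.read_only else "read-write"
    return "block"

def may_write(dev, user, filename):
    """File-type filter for copies onto a registered, writable storage device."""
    g = find_grant(dev, user) if dev.usb_class == MASS_STORAGE else None
    if g is None or g.read_only:
        return False
    return os.path.splitext(filename)[1].lower() in g.extensions
```
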

There are also products that block USB ports at the operating system level; that is, they become part of the connection process and do not allow certain types of devices to connect to any port on the network. Other products allow only certain devices and block all other devices of that type. As a result, users can download files only to their laptop's hard drive, not to other USB drives. You can also set things up so that only a single authorized encrypted flash drive, registered to a user, is allowed. NetWrix USB Blocker is one example.

One of the key things to look at when choosing a USB protection program is how easy it is to manage. Since a typical network may have thousands of USB ports, you may want to manage all ports from one central location.

For example, the cheapest USB management software, CheapestSoft USB Blocker, can help a user or administrator control a USB storage device. Administrators can control USB devices on a single computer or on multiple computers on the network. For each storage device, the administrator can set three states: disabled (cannot read or write), read-only, and read and write. These settings do not affect the USB mouse or keyboard.




Ideally, you will manage the ports on the network through Group Policy or another similarly seamless mechanism. There are now products that manage the USB ports across all of an enterprise's networks, rather than managing the ports of each network separately.

Of course, USB port control is not the key to network and system security, and you cannot absolutely guarantee that data will not leak out through a USB port. However, the same is true of any endpoint on the network. The key is how to mitigate the risks of these common devices.
