SecurityFocus

Secondary Storage Device Policy Dec 09 2004 06:00PM
Tim Watkins (watkinstj iimef usmc mil) (3 replies)

RE: Secondary Storage Device Policy Dec 10 2004 03:23AM
Laura A. Robinson (laurarobinson verizon net)

Re: Secondary Storage Device Policy Dec 09 2004 08:51PM
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net)

Windows Tip #707: Control Block Storage Devices (aka: USB Flash Drives):
http://windows.about.com/library/tips/bltip707.htm

JSI Tip 8730. How can I prevent Windows XP users from writing to USB
storage devices?:
http://www.jsiinc.com/SUBR/tip8700/rh8730.htm

Controlling block storage devices on USB buses

What does controlling block storage devices on USB buses do?

This feature provides the ability to set a registry key that will
prevent write operations to USB block storage devices, such as memory
sticks. When this registry key is enabled, the devices function only as
read-only devices. You can implement this setting as part of a security
strategy to prevent users from transporting data using these devices.

Who does this feature apply to?

?

Users who do not want data to be written from their computer to a USB
storage device.

?

IT professionals who want to implement organization controls over the
use of USB block storage devices

What settings are added or changed in Windows XP Service Pack 2

Setting name Location Default value Possible values

*WriteProtect*

*HKEY_LOCAL_MACHINE\System\*
*CurrentControlSet\Control \StorageDevicePolicies*

DWORD=0

*0 - *Disabled

*1 -* Enabled

Top of page <#top>Top of page <#top>

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2otech.
mspx

Tim Watkins wrote:

>I am currently developing a policy in a Microsoft environment on the use of Secondary Storage Devices. This is especially concerned with Thumb drives and ensuring that they do not compromise security between classified systems. Do any of you already have a policy in place? Additionally, is there a simple way of removing the drivers from a WinXP or 2000 environment so that these types of devices can not be installed via plug and play? I have played around with the idea of shutting down USB ports but there are just too may other things (mice, keyboards, cac readers) that use them. If there was a way to know (event viewer perhaps) or other means when one was attached, it would also help.
>
>
>
>Tim Watkins
>
>-----------------------------------------------------------------------
----
>-----------------------------------------------------------------------
----
>
>
>
>

--
An open letter to Steve Ballmer::
http://msmvps.com/bradley/archive/2004/12/06/22637.aspx

------------------------------------------------------------------------
---
------------------------------------------------------------------------
---

[ reply ]

Re: Secondary Storage Device Policy Dec 09 2004 08:28PM
jkowall (jkowall shocking net)