Dave
Tue Sep 14 13:44:50 CDT 2004
And the link:
http://forums.susserver.com/index.php?showtopic=2067
DS
"Dave Stoecker" <david_stoecker@hotCOFFEEmail.com> wrote in message
news:Ov0hL3hmEHA.3564@tk2msftngp13.phx.gbl...
> Kevin, I agree with you that wholesale blocking of usb sticks is a bit
> extreme. But if there is a way to do it by policy on a user/group basis,
it
> certainly is a good thing to have if needed.
> Still haven't found that post...
>
> Cheers,
> Dave
>
> "Kevin Weilbacher [SBS-MVP]" <kweilbacMVP@gte.net> wrote in message
> news:uD5KPffmEHA.2948@TK2MSFTNGP11.phx.gbl...
> > Interesting subject. I spoke at an IT Managers conference in Kansas City
> > last month. I had my powerpoint presentation on a USB disk key, and gave
> > it to the person in charge of the conference, he quickly said: "Sorry,
we
> > are no longer allowed to plug in USB disk keys to our computers."
> >
> > Well, I make it a point to follow whatever rules and security
restrictions
> > a company has in place, and will always commend them for taking whatever
> > actions they have implemented. But personally, I thinks that's a step or
> > two too far in the wrong direction. If you have updated virus software
> > installed, and restrict local admin access, and don't run any
executables,
> > there should not be any risk. I'd suspect they were recently infected,
and
> > that's why they took the steps they did.
> >
> > --
> > Kevin Weilbacher [SBS-MVP]
> > "The days pass by so quickly now, the nights are seldom long"
> >
> >
> > "Dave Stoecker" <david_stoecker@hotCOFFEEmail.com> wrote in message
> > news:e98onAbmEHA.3988@tk2msftngp13.phx.gbl...
> >> Interesting!
> >> I recall seeing a blog or discussion board post with code to create
> >> policy
> >> templates for disabling usb sticks, as well as floppy, and cd-roms.
I'll
> >> post a link if I can find it again...
> >>
> >> DS
> >>
> >> "jann" <jann@dial.pipex.com> wrote in message
> >> news:enKfF9VmEHA.3336@TK2MSFTNGP10.phx.gbl...
> >>> Hi - not tried this, but looked handy
>
>>> ------------------------------------------------------------------------
--
> >> --
> >>> ----------------------------------------------
> >>> Controlling block storage devices on USB buses
> >>>
> >>> What does controlling block storage devices on USB buses do?
> >>>
> >>> This feature provides the ability to set a registry key that will
> >>> prevent
> >>> write operations to USB block storage devices, such as memory sticks.
> >>> When
> >>> this registry key is enabled, the devices function only as read-only
> >>> devices. You can implement this setting as part of a security strategy
> >>> to
> >>> prevent users from transporting data using these devices.
> >>>
> >>> Who does this feature apply to?
> >>>
> >>> . Users who do not want data to be written from their computer to a
USB
> >>> storage device.
> >>>
> >>>
> >>> . IT professionals who want to implement organization controls over
the
> >> use
> >>> of USB block storage devices
> >>>
> >>>
> >>> What settings are added or changed in Windows XP Service Pack 2
> >>>
> >>> Setting name Location Default value Possible values
> >>>
> >>> WriteProtect
> >>>
> >>> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control
> >>> \StorageDevicePolicies
> >>>
> >>> DWORD=0
> >>>
> >>> 0 - Disabled
> >>>
> >>> 1 - Enabled
> >>>
> >>>
> >>>
> >>
> >>
> >
> >
>
>