Comments on: Who's afraid of portable storage media?

AdvancedForce CEO Vladimir Chernavsky says the latest row about USB ports is part of a bigger debate about how best to manage access to external memory.

Add a Comment (Log in or register) (5 Comments)

USB Drives are a BIG Security Concern.

by rclay October 6, 2004 7:54 AM PDT

I have a Mandrakesoft GlobeTrotter (see http://www.mandrakesoft.com/products/globetrotter). This 40 GB USB drive comes with bootable Mandrake Linux. With such a drive I can walk up to any system, insert a cd, plug in the drive and boot the computer into Linux. It then is a simple matter to copy information off of the computers internal drives, shut down and leave with no trace of my activity. Controlling physical access seems to be the only way to protect against this.

Like this Reply to this comment

Easy to prevent....
by cbiltcliffe October 6, 2004 8:07 AM PDT: Set the BIOS to boot from the hard drive only. If it can't boot from the HD, it doesn't boot.
Password protect the BIOS, and, using the case lock available on all modern cases, lock the case closed to prevent battery removal.
In the Windows administrator account, use the device manager to disable the USB controller device, preventing any USB stick from being used. Of course, this also affects things like USB printers, but most of the larger small businesses, just about all medium, and every enterprise, will have network printers anyway.
There's probably something I haven't thought of, but try me, and I'll figure out a way to stop it.; Like this

DRM is probably a better solution
by PlaceHolder October 7, 2004 1:59 PM PDT: Don't forget about Bluetooth... some laptop could send file to a Bluetooth enabled storage device... And don't forget wireless... New designs from Intel come with access points built in! Enable one of those, and stand outside the building and download data to your hearts content!

As much as it pains me to say it, DRM is *THE* solution here. If the file has sensitive content, it needs to be protected by the companies systems. DRM, when properly implemented, is designed to do exactly this. Any other solution put you permanently in reactionary mode where you have to deal with the "potential data leak of the day"...; Like this Reply to this comment

Wrong Wrong Wrong - Problem is Architecture
by dila813 October 9, 2004 7:54 PM PDT: Again, the problem that keeps coming up is the fact that many in the IT profession do not want to deal with the limitations of an single layer security scheme.
It doesn't work, it won't work, and will never work. Layered security is the only way to go.
The desperation of trying to block a port on an local computer shows the failure of this strategy of one size fits all.
Leave the users alone, fix the network, give it up. Companies must invest in their security even if it means that they will need to have some minimum amount of duplicate infrastructure.; Like this Reply to this comment

And what about productivity?
by dila813 October 9, 2004 7:58 PM PDT: One track minds, forget it.

So the rest of the business takes an 25% productivity hit while IT maintains its one track mind on security.

Real swell, how long will it be before you are fired?; Like this Reply to this comment

(5 Comments)

Latest tech news headlines

Disease-detecting device vibrates with potential
Posted in News - Health Tech by Elizabeth Armstrong Moore

December 2, 2009 5:21 PM PST
Wicked online cash grab out of Tiger Woods scandal
Posted in Technically Incorrect by Chris Matyszczyk

December 2, 2009 4:37 PM PST
Wireless operators stop whining about ads
Posted in Signal Strength by Marguerite Reardon

December 2, 2009 4:14 PM PST
See all headlines