By Bill Detwiler
Hollywood would have IT pros believe that the biggest threat to network security comes from international super hackers or high school kids trying to download games like global thermonuclear war. In reality, we face a far more mundane threat–our end users, particularly those wielding USB storage devices.
These pocket-sized devices can store a tremendous amount of data and make it easier than ever before for employees to carry off sensitive company information. But even if your users aren’t planning to cart off your latest R&D project, USB storage devices (external hard drives, camera, memory stick, MP3 players, etc.) can be a headache in other ways. Employees may use your networks to download music to their USB-based MP3 players. New USB flash drives, such as SanDisk’s U3 smart drives, can even run software directly from the device–a perfect tool for the end-user who wants to run unauthorized software on your network.
If you’re concerned about USB storage devices on your network and don’t feel a written policy alone will protect your data, disabling the devices is your next step.
The United States National Security Agency (NSA) described the process in a March 2008 document from the agency’s Information Assurance Directorate. Although this video only covers Windows and OS X, the NSA document covers Linux and Solaris 9 and 10.
Learn more about mitigating the risks poses by USB storage devices with the following resources: