Removable Media Security Policy

[tbz_ck]

Hi

Wondered if I could get the advice of those that have done this before. My boss is concerned about the rise in use of USB memory sticks and removable disk drives and wants me to think of measures to disable their use without prior consent on the network.

Now if I remember correctly, Windows 2008 group policies allow this to be managed directly out of AD, but Windows 2003 does not? Is that right?

I'd be interested to hear about what others do to mitigate against business data "walking" off site.

Many thanks

CK

 

[JonnyT]

You are right that Server 2003 and standalone XP don't have the policies to cope with removable media restrictions. There are some free undocumented workarounds (there's one on www.petril.co.il) but it may be worth investigating third party software such as devicelock which gives much more control.

 

[Basher]

Is this something you've got a budget for or strictly - has to be done for nothing?

 

[Ev0]

I've used Securewave at the last 2 places I've worked, not free/cheap though.

 

[Seaniboy]

Use Lumension’s Sanctuary for end point secutiry. Can lock it down pretty much how you like. User can also request temp access.

 

[Ev0]

Use Lumension’s Sanctuary for end point secutiry. Can lock it down pretty much how you like. User can also request temp access.

Forgot that's what Securewave is called now

 

[Basher]

I've also used/sold Lumension in the past - Very good product. We recently sold into the NHS in Scotland who are VERY keen on it.

 

[zetec452]

Appsense 7 and scriptlogic will both secure USB.

 

[tbz_ck]

Is this something you've got a budget for or strictly - has to be done for nothing?

Not decided upon that yet. There is no official budget for it, but I do have a little in the lump sum budget for unplanned for projects.

Thanks for your suggestions so far.

More are welcome