Security Basics mailing list archives
Re: Locking Out All But Company Issued USB Drives
From: Todd Haverkos <infosec () haverkos com>
Date: Thu, 23 Sep 2010 12:21:20 -0500
"Al Cooper" <cooper () hmcnetworks com> writes:
Hi All, I am looking for a good solution for locking out all the USB ports on a companys computers to all but company issued USB drives. I am in a small business environment (about 150 computers). All computers are currently running Vista but will be migrating to Windows 7 in about a year. I have seen some DLP solutions but this seems like over kill and expensive. Any suggestions?
I've seen a demo of McAfee's solution for this -- they can even have an option that involves a mcafee branded biometrically encrypted usb drives with finger swipe scanners built in. It can work with their ePO management console and I think their device control package (i.e. DLP not required if memory serves) to lock down to only using those particular drives. Or they can lock down in a more typical arrangement to specific vendor's drives. A buddy whose shop uses Mcafee has indicated that they include device control in their base level endpoint suite these days, which prices out less than virusscan alone, for whatever it's worth. I believe it's something you could start using now and simply migrate orthogonally to win7 later. -- Todd Haverkos, LPT MsCompE http://haverkos.com/ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Locking Out All But Company Issued USB Drives Al Cooper (Sep 23)
- Re: Locking Out All But Company Issued USB Drives Todd Haverkos (Sep 23)
- Re: Locking Out All But Company Issued USB Drives Ryan Kovar (Sep 23)
- RE: Locking Out All But Company Issued USB Drives Michael Dove (Sep 23)
- RE: Locking Out All But Company Issued USB Drives D. C. Allison (Sep 23)
- Re: Locking Out All But Company Issued USB Drives Ryan Kovar (Sep 23)
- Re: Locking Out All But Company Issued USB Drives Todd Haverkos (Sep 23)
- Re: Locking Out All But Company Issued USB Drives TAS (Sep 23)