How to stop employees connecting USB devices to their work PCs
The humble USB port has brought many benefits in terms of computer connectivity. Anyone who has had to struggle with COM ports and IRQ settings in DOS or Windows 3.1 will surely appreciate the ease with which devices simply plug & play without the need for any complicated changes to system settings. But, for employers the USB ports fitted to their employees PCs can be a curse rather than a blessing.
Many businesses are becoming increasingly concerned about the growing threat of malware and viruses on employees' USB devices. Sales of floppy drive locks peaked in the mid to late nineties when virus writers switched from floppy disk to email as their preferred infection method, since then the need to deter users from inserting mobile media into their machines has been negligible.
However, the risk level is changing. In 2008 security company ESET (www.eset.co.uk) placed INF/Autorun, a malware typically found on USB flash drives as the number one detected threat from a sample of over ten million systems. Looking back at how sales of floppy drive locks shot up in the early nineties when viruses were frequently spread using floppy disks, combined with anecdotal evidence from business customers today all points to a heightened risk that organisations are keen to minimise.
So what can be done to prevent negligent employees from deliberately (or accidentally) introducing viruses onto your company's systems via their USB devices? Completely disabling the ports in a PC's BIOS isn't always a viable option for some companies. Banning employees from connecting their USB drives or MP3 players is an option, but it can be difficult to police.
USB Port Blockers are a cheap and effective physical and visual deterrent which prevent users from plugging devices into USB ports. As well as providing a mechanical method of restricting access to a USB port they can serve as a visible reminder that company policy frequently disallows the insertion of unauthorised USB devices.
A USB Port Blocker consists of a combined 'key' and 'lock' assembly, which plugs into the USB port. Blocking the port is simply a matter of plugging the 'keylock' into the port and releasing the latch. The key can then be removed leaving the lock in place.
Many businesses are becoming increasingly concerned about the growing threat of malware and viruses on employees' USB devices. Sales of floppy drive locks peaked in the mid to late nineties when virus writers switched from floppy disk to email as their preferred infection method, since then the need to deter users from inserting mobile media into their machines has been negligible.
However, the risk level is changing. In 2008 security company ESET (www.eset.co.uk) placed INF/Autorun, a malware typically found on USB flash drives as the number one detected threat from a sample of over ten million systems. Looking back at how sales of floppy drive locks shot up in the early nineties when viruses were frequently spread using floppy disks, combined with anecdotal evidence from business customers today all points to a heightened risk that organisations are keen to minimise.
So what can be done to prevent negligent employees from deliberately (or accidentally) introducing viruses onto your company's systems via their USB devices? Completely disabling the ports in a PC's BIOS isn't always a viable option for some companies. Banning employees from connecting their USB drives or MP3 players is an option, but it can be difficult to police.
USB Port Blockers are a cheap and effective physical and visual deterrent which prevent users from plugging devices into USB ports. As well as providing a mechanical method of restricting access to a USB port they can serve as a visible reminder that company policy frequently disallows the insertion of unauthorised USB devices.
A USB Port Blocker consists of a combined 'key' and 'lock' assembly, which plugs into the USB port. Blocking the port is simply a matter of plugging the 'keylock' into the port and releasing the latch. The key can then be removed leaving the lock in place.
Source...