Currently, based on recent reports, it appears that there is more and more data being stolen via USB ports. Can this be stopped? Are there technical solutions to this?
According to SC Magazine “many FTSE IT departments going so far as to glue USB ports shut to prevent their use”. If that’s true, that is shocking.
There are many ways to prevent data theft, and using glue should not be one of them. Below are some ways IT staff should consider.
- Turn off USB ports of at the BIOS (if BIOS allows) and password protect the BIOS (this is not full proof though as the BIOS can be reset).
- Switch the USB port to write protect mode by changing the registry. IT Admins can force this change through the domain/active directory. This means that staff can come in to work, play music, look at pictures etc via the USB ports, but not take data out.
- Use one of the many DLP (Data Loss Prevention Tools) available to block prevent or limit users doing this.
- Limit access by permissions. Does the whole company need access to company contacts, or just the sales department. If people don’t need access take it away
- Enforce encryption on USB drives
Top Tip – if your IT Manager is using glue as the primary source of preventing data theft, he probably used to work for the government!