|
A good security policy with appropriate technology can by and large mitigate that risk: 1. Disable boot-from-USB in the PC's BIOS and lock out users from changing BIOS settings. 2. Use Windows group policy objects to disable USB mass storage devices. 2.1 If 2 isn't possible, deploy third party software that won't allow certain kinds of data to be copied to the USB drives. Said software IIRC is smart enough to examine the data itself and not just the file extension. It's also smart enough to look inside zips. 3. Lock down access to iSeries data to eliminate ODBC & FTP access for all but those who actually need it. 4. While we're at it, disable access to outside FTP and email services. 5. And don't allow CD/DVD burners. 6. And printers. How far do you need to go? Size-wise, you can get a 160GB platter drive that's barely larger than a pack of cigarettes. Example: http://www.westerndigital.com/en/products/Products.asp?DriveID=262. It easily fits in a pants or jacket pocket, possibly in a shirt pocket. Or, for more nefarious purposes, in a hollowed out paperback. And Microdrives, which are the size of a compact flash card, are up to 8GB: http://www.hitachigst.com/portal/site/en/menuitem.7ac4c50322419b5daa67bc a4bac4f0a0/ Again, there's no reasonable reason for MS to not allow Flash drives. Especially since their own SyncToy ( http://www.microsoft.com/windowsxp/using/digitalphotography/prophoto/syn ctoy.mspx ) allows them.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
