Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Disabling USB mass storage

from [Kurt Dillard] Network Security [Permanent Link]
Subject: RE: Disabling USB mass storage
Date: Fri, 4 Mar 2005 11:14:07 -0800 
Allan;
Well written and I agree. Its an example of poor risk management. Its
also an example of organizations demanding technological solutions to
problems that can't be solved purely through technology. Anyone with
physical access to a box can find a way to get around to your software
based countermeasures, and probably your hardware based ones as well.
If all else fails, they can take out their phone or music player and
take a digital photo of the computer screen. These organizations might
want to ban CRTs, LCDs, and all other display technologies too, just to
be safe;) 

Having clearly articulated policies about data classification and
handling of corporate data seems more effective to me. Enforcing those
policies by firing people who violate them will let everyone know how
seriously the organization considers the issue to be.

Regards,

Kurt

-----Original Message-----
From: Allan S [mailto:nullconnect@gmail.com] 
Sent: Thursday, March 03, 2005 8:55 PM
To: focus-ms@securityfocus.com
Subject: Re: Disabling USB mass storage

We've taken the step of disabling the USB controllers in device manager
on our clients' machines...


---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Folder Encryption, KL_SecurityFocus
Next by Date:  RE: Disabling USB mass storage, Steven Hay
Previous by Thread:  RE: Disabling USB mass storage, Laura A. Robinson
Next by Thread:  RE: Disabling USB mass storage, Steven Hay
Indexes:  [Date] [Thread] [Top] [All Lists]