Stop Clients Using USB

[Chocman34]

Hi Guys

I am looking at issues for my company; they are concerned that
confidential information is being taken offsite via USB devices. They
are looking at having this function disabled across fleet of pc.

Company has 3 sites with total of:
150 desktops
50 laptops
Running XP sp2
AD 2003

I am trying to figure out the best way of making change across entire
network, I was thinking of a group policy that would disable function
on pc.

Has anyone else had this situation within there environment.

Many Thanks

David

 

[James]

Here you go...via Group Policy!

http://www.petri.co.il/disable_usb_disks_with_gpo.htm

 

[Robert Roland]

they are concerned that
confidential information is being taken offsite via USB devices

Why are they only worried about USB devices? There are many other ways
of transferring data. The most popular one being network, maybe they
should disable network as well?

People could print confidential information and take the paper with
them. Best to disable printers to be sure.

How about those that read and remember confidential information off
the monitor? Ban monitors, of course!

Floppy drives have been around for ages.

Bottom line: If you can't trust your employees, it might be better to
get rid of them.

 

[Chocman34]

Thank you for all your replies on this problem, I have gone down the
route of GP within AD to control USB access. The main reason for
locking down the USB is we recently dealt with an employee as they were
passing information to people outside of company.

Cheers

David