Rather, it is to prevent employees from saving sensitive information on USB drives in good faith, only to have those USB drives lost or stolen. If they wanted to do that, they would have no end of workarounds, up to printing QR codes on A4 sheets. One of the main reasons behind the prohibition of writing data to USB drives (I had this explained to me once) is not to prevent employees from stealing sensitive information. a user has both a personal & corporate GitHub account) does this sort of policy still provide additional security? Or is it just a placebo for minimally literate auditors? But with the proliferation of personal fileshare tools (that may or may not need to be unblocked by company policy - e.g. There are still a significant number of ways to extract data from the company domain (I've certainly used more than a few work-arounds simply for convenience.)Īt first I thought it could maybe be argued that it prevents low-skilled, high-frequency attacks. Is this actually an improvement to security on its own?
#Usb block data leak prevention download#
Users cannot download sensitive data to a USB drive.Recently, my responsibilities were expanded to include participation in state & federal audits and I've noticed some form of the following the bullet point is usually a highly-promoted feature when asserting compliance: I forget about it as often as not since I can download data from my thumb drive when I need to (I only remember it again when I try to take a file home).
This always seemed like a bit of a pointless PITA to me, just "one of those things.". In my organization, a group policy exists that prevents users from writing data to a USB stick.
0 kommentar(er)
