Given the recent social engineering test with USB devices left around a credit-unions lobby I would disagree. With proper controls, I could issue a certified USB drive, with encryption, to those who can and should be allowed to use such devices to bring data back and forth from home computers to the office.
I would want my device, and *only* my device to have access to my computers. I would not want an employee picking a USB drive up out of a taxi or bus and putting into their computer at work just to "check it out". While not totally eliminating the possibility of malware being introduced through a USB device it certainly reduces the impact allowing employee's to use USB devices carries to a large degree. Add in the ability to audit the files that come off of and are copied onto USB devices, even auditing what files are burned to CD/DVD's and you are protecting yourself to an even greater degree. On 6/15/06, George Njoku <[EMAIL PROTECTED]> wrote:
Gentlemen, this USB lock down for certain device is a nice idea, but just not necessary George Njoku Turner Engineering, Inc. 973.263.1000 [EMAIL PROTECTED]
-- Greg Merideth Forward Technology, LLC. CTO & Other Wild Stuff [EMAIL PROTECTED] PGP Fingerprint D0FCCD39743A6ABF87470A87EDE382594968A60A "10b|~10b" - Shakespeare --------------------------------------------------------------------------- ---------------------------------------------------------------------------
