Use glue instead

Amazingly, many companies offer software that is designed to prevent users from connecting USB and other external storage devices. Apparently, there’s demand for products creatively named DeviceWall, DeviceLock and Sanctuary Device Control. The problem they are trying to solve is described by Pointsec, a vendor of another such product:

Data leaks can be devastating
Moving digital files from a PC to a
storage device is very easy, using a USB or Firewire connection, or wirelessly,
using Bluetooth, Infrared or Wi-Fi connectivity. Users innocently plug personal
storage devices into their work PC to upload music, or transmit digital photos,
but the ability to also siphon off corporate data from a PC onto peripherals
places organizations at considerable risk of undetected data leaks.

Now let’s analyse this. Users already have access to the information – it is stored on their computers. Often the computers are laptops that the users can take anywhere and connect to any network. The users can post forms to Web sites, send emails and (horrors!) encrypt information using likes of Winzip without telling password to anybody. If they want to siphon off the information, they can. And blocking USB ports won’t help. Use glue to fill the ports instead – it’s cheaper, and achieves similar outcomes.


One thought on “Use glue instead”

  1. Another way without extra software is to do it in the BIOS. Most corporate pc’s (ie dell/HP) also have hardware interlocks which can be configured to alert if the pc is opened as well. So you can be notified if someone tries to reset the BIOS or remove the HDD. I guess the only thing you need to glue to the pc is the mouse considering ps/2 or serial ports are pretty much extinct these days.

    But i agree, siphoning info is a null point.

Leave a Reply

Your email address will not be published. Required fields are marked *