Amazingly, many companies offer software that is designed to prevent users from connecting USB and other external storage devices. Apparently, there’s demand for products creatively named DeviceWall, DeviceLock and Sanctuary Device Control. The problem they are trying to solve is described by Pointsec, a vendor of another such product:
Data leaks can be devastating
Moving digital files from a PC to a
storage device is very easy, using a USB or Firewire connection, or wirelessly,
using Bluetooth, Infrared or Wi-Fi connectivity. Users innocently plug personal
storage devices into their work PC to upload music, or transmit digital photos,
but the ability to also siphon off corporate data from a PC onto peripherals
places organizations at considerable risk of undetected data leaks.
Now let’s analyse this. Users already have access to the information – it is stored on their computers. Often the computers are laptops that the users can take anywhere and connect to any network. The users can post forms to Web sites, send emails and (horrors!) encrypt information using likes of Winzip without telling password to anybody. If they want to siphon off the information, they can. And blocking USB ports won’t help. Use glue to fill the ports instead – it’s cheaper, and achieves similar outcomes.