Discussion Question about Using USB 2.0 Drives
No. 18 What measures would you take to enable the use of USB 2.0 drives in your network while providing protection from the malware they might carry?
Assume that I am a manager in a large enterprise organization that uses Windows Server 2008 in its infrastructure.
1) I would write the following Information Security Policies:
a. A policy that required the use of Kanguru USB 2.0 with built-in malware detection (Kanguru, 2011).
b. A policy that included a restriction use of USB drives to a limited number of workstations, PCs and laptops in each work area.
c. A policy that covered the proper use, the misuse, and dangers of USB drives.
d. A policy that required the creation and implementation of a Windows Server 2008 Group Policy Object that would prevent the use of USB drives on every machine on the network except the designated machines.
2) I would work with the Lead System Administrator to create and implement the Windows Server 2008 Group Policy Object that would prevent the use of USB drives on every machine on the network except the designated machines (Pertri, D, 2011).
3) I would work with a trainer to develop Information Security Awareness training that covered the use, misuse and dangers of USB drives, as well as the requirement to use Kanguru USB drives on designated workstations, PCs, and laptops in designated areas.
4) I would develop and administer a 10-question quiz about the proper use of USB drives that tested the effectiveness of the Information Security Awareness training.
5) I would purchase and distribute the Kanguru secure USB drives to those who scored at least 90% correct on the quiz (Kanguru, 2011).
6) I would set up safeguard security software on those designated workstations, PCs, and laptops that would automatically scan any USB drive for malware prior to enabling it.
Each of these These would help ensure that most malware was kept off the enterprise network.
Kanguru. (2011). Securing Flash Drives within the Enterprise. A blog with Information Security Management Tips. Retrieved from the web at http://blog.kanguru.com/index.php/securing-flash-drives-within-the-enterprise/#more-1072 on October 24, 2011.
Petri, D. (2009). How can I prevent users from using USB removable disks (USB) flash drives) by using a Group Policy (GPO)? An article published at the petri IT Knowledgebase website. Retrieved from the web at http://www.petri.co.il/disable_usb_disks_with_gpo.htm on October 24, 2011.
Bill
William Favre Slater, III
MBA, M.S., PMP, CISSP, SSCP, CISA, ISO 27002, ISO 20000, ITIL v3, Cloud Computing Foundation
Project Manager / Program Manager
CYBR 515 Blog: http://cybr515.blogspot.com
Chicago, IL
United States of America
No comments:
Post a Comment