Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: wireless thumbdrive

  1. 08-08-2014, 07:46 PM #11
    SeriousStudent
    SeriousStudent is offline
    Site Supporter SeriousStudent's Avatar
    Join Date
    Mar 2012
    Location
    Texas
    Quote Originally Posted by JV View Post
    You need a corporate policy which disallows them, and then an AD GPO that disables removable media.
    Much agree.

    One can also set a GPO that disallows specific classes of USB devices. So you can retain the use of a keyboard or mouse, but eliminate a USB storage device. Driver signing is also possible to enforce, along with preventing someone from loading the more popular brands of USB key drivers. If you have your own PKI, you can sign drivers and use your CRL to rapidly whack stuff if needed.

    Personally, I'm a big fan of physical security. See also: JB Weld.
    Reply With Quote Reply With Quote
    0
     
  2. 08-08-2014, 07:49 PM #12
    SeriousStudent
    SeriousStudent is offline
    Site Supporter SeriousStudent's Avatar
    Join Date
    Mar 2012
    Location
    Texas
    Quote Originally Posted by Bigguy View Post
    That will happen eventually, but only after some department goes down in flames with an infection, or it gets to be a popular buzz word in corporate circles.

    On second thought I would be surprised if the The PCI Security Standards Council doesn't make it a requirement very shortly.
    I understand what you are saying. But if an org is not already exceeding PCI DSS v3.0 without a lot of compensating controls, they are doomed anyway, in my very humble opinion.
    Reply With Quote Reply With Quote
    0
     
« Previous Thread | Next Thread »

User Tag List

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules