USB-stick... friends or foes ?

 
Author
Message
SysAid Wiz
915
 
I personally love it.
But I kill every USB port in my LAN and have users fire an SR when they need to transfer file in and or out of the network.

Why ?
Cause I'm old and I remembered.

I'm old enough to remember the menace floppy unleashed when it innocently spread malwares... no snicker-net is bad and has to die.
Besides... USB-stick present another threat floppy can never match. The capacity is growing. In the floppies days you can rest assure a theft won't be able to get much with a 1.4 Mb floopy... but now... 2... 4 Gb !

But they are so cute...
And with the raise of portable applications they are cute, fun and goddamn powerful.
Not to mention the variety of device you can stick it in... DVD players, Projectors... so many of them... so many.

SOOooo...
*smile and sigh*
What do you think of this tiny lil thing called USB-stick ?
How do you treat them ?
SysAid CEO
62
 
I think the IT cannot limit everything. USB sticks are in many cases very important to the business and not just fun.

If you have good Anti Virus and good policy about updates in all workstations then the AV will detect malicious files in the USB-stick and will not allow copy or run.
SysAid Wiz
1768
 
I wish windows had an out of the box group policy for permitting rights to the usb ports only for certain users on certain machines, then I wouldn't have to disable in the bios all the usb ports and password protect them to comply with data theft regulations.
SysAid Wiz
326
 
Whilst they are brilliant i always carry 4 Gig on me it is a fine balance to manage the risk

i fully agree that keeping updates and AV up to date will help eliminate the virus/spyware threat. My major worry is theft what could you steal using a floppy, a few batch filess!! Now all it takes is a usb stick or an ipod or any mp3 player and you could export our entire client list on to a device

And i too wish windows offered a built in solution. Instead we have to use thrid party software create an AD group and lock ports down according to the group.

friends or foes ? I still don't know!

This message was edited 1 time. Last update was at Jun. 25, 2008 02:11 PM

SysAider
49
 
Personally I like USB for off site work.
On site I prefer to disable them and have an alert sent to me when someone plugs one in. I deal in patient information and need to comply with HIPAA regs. Not only that but I don't want virus or malware on my network. It has been clean for the past five years. Anything my end users need is on the network. If not, I wil put it there for them.

This is not about controlling what they do but more about keeping my workload to a minimum and allowing me to concentrate on the important stuff. This way all files are organized and easy to find.
SysAid Wiz
915
 
Israel wrote:If you have good Anti Virus and good policy about updates in all workstations then the AV will detect malicious files in the USB-stick and will not allow copy or run.

Anti-virus practically is the last line of defense... I'm not comfortable to rely on it on daily bases. Their days are numbered anyway cause more and more people realize whitelisting is the way cause blacklisting can't cut it... but let's talk about it on another thread.
Plus malware is not the only concern what about company's properties.

Techguy wrote:I wish windows had an out of the box group policy for permitting rights to the usb ports

*shaking head*
No... right is not the problem... it's the willingness to be aware and be vigilant. Users never deliberately infects themselves... they don't know. Some don't even care... I got user shutting down the antivirus client to get extra speed to load up !

Jonathan wrote:i fully agree that keeping updates and AV up to date will help eliminate the virus/spyware threat

Like I said before it's a last defense... besides... AV always one step behind the virus no ? Now think about local version of virus (somewhere in timbuktu) what chance you think the AV vendor be ready for it ...

GBDriver wrote:This is not about controlling what they do but more about keeping my workload to a minimum and allowing me to concentrate on the important stuff. This way all files are organized and easy to find.

I think it's the other way around Driver... by limiting use of USB, workload of IT will rise cause we will act as the single door in and out. Fortunately software such as SysAid ease the pain.
I agree it's not about controlling what they do. But it's more than just convinience for me... it's actually to protect users from themselves. I mean with the users now heavily rely on ERP if the network is down it's hell for them as well, no ? And it only take one of unintentional them to cause havoc...
Nothing breaks my heart more to watch a user's face cause he lost all his data and can't blame nobody cause he's the "carrier".
SysAid Wiz
326
 
Jonathan wrote:i fully agree that keeping updates and AV up to date will help eliminate the virus/spyware threat

obelix wrote:Like I said before it's a last defense... besides... AV always one step behind the virus no ? Now think about local version of virus (somewhere in timbuktu) what chance you think the AV vendor be ready for it ...


Like i said it will help eliminate Virus/Spyware but you must take a layered approach and relying solely on desktops Anti virus is not he best way to protect the LAN. Hench whilst i love my usb key i fell that the only safe approach we can take is to lock out all usb devices unless authorized by IT

This message was edited 1 time. Last update was at Jun. 26, 2008 06:10 AM

SysAider
9
 

I think best way is trying to educate users about potential risks. It is too big burden for IT to try to eliminate all potential risks.
SysAid Wiz
915
 
*smile*
You ever tried it ?
SysAid Wiz
326
 
bbogataj wrote:
I think best way is trying to educate users about potential risks. It is too big burden for IT to try to eliminate all potential risks.


I am surprised you said that yes it is a nightmare when IT have to control all aspects but it is not just a simple as introducing viruses. People can download entire customer lists, billing history on a USB key and then loose it!!

In general users just don't think about security and confidentiality of information. It is these two issues that are the real worry
Super SysAider
63
 
bbogataj wrote:
I think best way is trying to educate users about potential risks. It is too big burden for IT to try to eliminate all potential risks.


The problem, though, is that most users are barely computer literate enough to do their job. When you start throwing things like bet practices at them, they tend to misinterperate the message or it is too much for them to handle. Some don't even understand the basic information. All I can say is, good luck and were it me, I would have a steady supply of aspirin on hand. Maybe even hire a masseuse.
SysAid Wiz
915
 
bbogataj....
Your idea is not a bad one it just a lot more harder than it sound. It's so hard it's almost enter the realm of unrealistic.
There's hope though... IF the users themselves ask for it.
It's very effective when they know they need it and keen to be good at it unfortunately though such revelations usually comes after great loss. But better late then sorry and hopefully those few will mentor and pass on it to the juniors... and so on.
That's why when it comes to training my strategy is always bottom up. I never care what the management think the users might need. If it is not from the users I don't teach...


SysAid Wiz
326
 
Hi have to agree with Obelix. it is extremely difficult to educate end users. Most of them can just about use the applications they have to use. i know mine feel that it is IT's problem so we have to go down he restrictive line. Also it depends on your number we have over 280 users so education is next to impossible!
SysAider
9
 
So, I see we all have similar problems. Of course, it is VERY hard to educate users, but in my opinion it is the way to go. Yes, many times I feel frustrated, but I am trying.

Surely, I like to see users have only minimal rights on the system. But when company standard is to have users with admin rights, and most of global applications run only with admin rights (very bad programmers, but that's another topic), then you are left only with users education.

But if I look back (several years), we have made very good progress. Users at least think (not all ), before doing something very stupid. If they lose data to virus - well, it is their fault, and I say that to them directly. Sure lesson in hard learned, but it is learned


By the way, we have 150 employees and we are part of global company/enviroment.

This message was edited 1 time. Last update was at Jul. 03, 2008 10:27 AM

Super SysAider
63
 
I think we all agree that the users need to be educated and I liked the point Obelix made. Th users have to want to learn it. We have over 150 users and most don't want to know any tricks that will save my department headaches. They just want to come in and do their job and if all hell breaks loose thay call us. My favorite ones are those thattry to blame their problems on us. One of my favorite lines is, "I think this went bad because of the update you guys did on my computer." The updates are applied to a test group at least 2 days before it is applied to everyone, and if there is an issue with them, we check to see what went wrong. The users that usually state that line aren't even in the test group AND they complain a week after the update went through. Call me dumb, but if there was going to be a problem, it would have happened within 2 days of the update being pushed. (some updates require a restart.) Thank God for extra strength aspirin is all I can right now.
Genius is more often found in a cracked pot than in a whole one.
E. B. White