Force Flash Drives to be Secure

[sully127]

I haven't been around in a long time and am glad to see that the forum is still doing well.

I have a question for you guys...

Have any of you ever come across a way to disallow USB devices (or, specifically, flash drives) that don't meet a certain criteria? We're trying to find a way to restrict users from using flash drives unless they are ones which we provide. I'm thinking there should be a way to put some kind of fingerprint like a file or a key on the devices that we issue, and without that fingerprint, the client's workstations wouldn't allow the drive to be used.

So far, I've come up blank in my searches. If this isn't something that exists, it should be; I think there are a number of companies that would pay for such a solution.

 

[gimp]

OS?
AD domain?

moar info

edit: these may or may not be useful, depending on your setup and how you're wanting to restrict access. it looks like they may also restrict access to ALL usb devices; not specific ones, nor allow specific ones. But might be a start?

http://technet.microsoft.com/en-us/library/cc730808(WS.10).aspx
http://smallvoid.com/article/winnt-removable-storage.html
http://smallvoid.com/article/winnt-secure-usb-storage.html

 

[sully127]

single AD domain, Windows shop, primarily still XP, but some 7 thrown in

Looking for something along those lines, but how to make a single exception to it like restrict all usb devices unless it is on an approved list

 

[nitrobass24]

Look at GFI endpoint security. http://www.gfi.com/endpointsecurity

 

[sully127]

Awesome suggestion - that's exactly what I'm looking for. Thank you!

 

[Diakiaoshinsama]

We use USB Disabler. Full site license only costs $200 and it's AD Integrated! Not as robust as GFI, but a heck of a lot cheaper!

http://www.intelliadmin.com/index.php/usb-disabler-pro/