USB ports on desktop computers may result in significant security risks. Two reasons are: sensitive data may be copied onto USB-connected removable media; also, software can be run off the removable media, thus resulting in a number of possible threats to both the computer inserted into and the whole intranet.
To handle this in Windows XP, a registry tweak should be used, to make all the plugged USB devices read-only.
To achieve that, open your registry editor and navigate to
HKLM\System\CurrentControlSet\Control
and create a new key StorageDevicePolicies. Within that key create a new key StorageDevicePolicies, and within it,
add a REG_DWORD value with name WriteProtect and value of 1.
The change mentioned may be distribute it via logon script; you can also use group policy to do that.
To handle this in Windows XP, a registry tweak should be used, to make all the plugged USB devices read-only.
To achieve that, open your registry editor and navigate to
HKLM\System\CurrentControlSet\Control
and create a new key StorageDevicePolicies. Within that key create a new key StorageDevicePolicies, and within it,
add a REG_DWORD value with name WriteProtect and value of 1.
The change mentioned may be distribute it via logon script; you can also use group policy to do that.
