Advisory: Support Portal Maintenance. Login is currently unavailable, more info available here.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Automatic Scan of removable media

Hi,

Is there a way of automatically scanning removable media when attached to a PC? We had an outbreak of conficker a few months back (don't want to go through that again!) and are still getting the odd memory stick attached by teachers that has conficker on. I'd be a lot happier if all memory sticks/USB hard drives were fully scanned each time they were attached!

I am also trying to educate staff to ensure their home PCs are fully protected!

edit - useful info.. We're running Enterprise console 4 and Endpoint security 9

Thanks,

Joe

:691


This thread was automatically locked due to age.
Parents
  • Hi,

    We have talked about this request a fair bit within the product team - it comes up fairly regularly as a request. I think JoeDoe sums up the pros and cons really well. Utlimately there is little to no security benefit from doing a scan upon insertion but there is some end user impact for kicking off such a scan (especially if its crammed with GBs of music and other goodies). Medium term we're looking at adding some functionality within the device control policy to block any executable from running from removable storage which would prevent malware and unauthorised apps from running prior to the on access scan for malware or app control (at this stage I can't comment on when that feature would become available). Right now we make sure all our app control identities cover both standard and "pocket" versions of applications to prevent end users circumnavigating IT policy. Hope this helps.

    BTW it might be possible to write a script to execute sav cli to carry out an ondemand scan when a removable storage device is inserted into the machine.

    Best regards,

    John

    :710
Reply
  • Hi,

    We have talked about this request a fair bit within the product team - it comes up fairly regularly as a request. I think JoeDoe sums up the pros and cons really well. Utlimately there is little to no security benefit from doing a scan upon insertion but there is some end user impact for kicking off such a scan (especially if its crammed with GBs of music and other goodies). Medium term we're looking at adding some functionality within the device control policy to block any executable from running from removable storage which would prevent malware and unauthorised apps from running prior to the on access scan for malware or app control (at this stage I can't comment on when that feature would become available). Right now we make sure all our app control identities cover both standard and "pocket" versions of applications to prevent end users circumnavigating IT policy. Hope this helps.

    BTW it might be possible to write a script to execute sav cli to carry out an ondemand scan when a removable storage device is inserted into the machine.

    Best regards,

    John

    :710
Children
No Data