Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 1403 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Question regarding: "Security tips for network administrators - Enterprise"

kozlik

"Security tips for network administrators - Enterprise" (http://www.sophos.com/security/best-practice/10-tips.html)

10. Disable unused USB ports

Many devices, when connected to a USB port, will be automatically detected and mounted as a drive. USB ports can also allow devices to autorun any software connected to it. Most users are unaware that even the safest and most trusted devices can potentially introduce malware into the network. To prevent any accidents, it is much safer to disable all unused ports.

==========================

I'm writing to find out if this means that we should be disabling autorun entirely for all removable devices or if we should only be disabling USB ports.  How much risk are we at on a machine with Sophos that has current definitions and autorun enabled for USB and/or CD-ROM.

Thanks,

John

:1270


This thread was automatically locked due to age.
Parents
  • 0

    Hi Kozlik,

    Like a lot of security, this is security vs usability.

    The most secure way would be to disable any way users can put data onto a nework.  You can disable removable drives via device control.  But your users might need to use these.

    The middle ground would be to disable autoplay for all drives.  This way, they can still use these devices, but nothing will automatically play.

    The least secure is leaving autoplay enabled and allowing full access.  I would say this is a terrible idea.  A lot of malware uses autoplay nowadays, including the well known Conficker worm.

    It all depends on the need for such things.

    Hope that helps.

    OD

    :1273
Reply
  • 0

    Hi Kozlik,

    Like a lot of security, this is security vs usability.

    The most secure way would be to disable any way users can put data onto a nework.  You can disable removable drives via device control.  But your users might need to use these.

    The middle ground would be to disable autoplay for all drives.  This way, they can still use these devices, but nothing will automatically play.

    The least secure is leaving autoplay enabled and allowing full access.  I would say this is a terrible idea.  A lot of malware uses autoplay nowadays, including the well known Conficker worm.

    It all depends on the need for such things.

    Hope that helps.

    OD

    :1273
Children
No Data
Unfiltered HTML