Having a few problems with users plugging in infected USB sticks at the moment. I think the AV is doing the job but not always sure...
What policies do you use to prevent viruses from USB?
Firstly we have disabled the autorun feature in windows using group policy as we were finding this was where the majority of infections were coming in from when user plugged in USB sticks etc.
We also set AV access scanner to scan of both read and write to disks. We then created an exclusion for C:\ when reading.
This gives the effect of scanning when writing to c:\ and scanning when writing and reading to all other drives. This has proved effective against USB hosted nastys.
Finally, we have enabled artemis scanning which seems to be detecting quite a number of files from peoples USB sticks.
Going forward, we are currently dipping our toes in the DLP pool and playing with policies to prevent access of executables from USB sticks and drives.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center
2821 Mission College Blvd.
Santa Clara, CA 95054 USA
Consumer Support | Enterprise Support | McAfee.com
Legal | Privacy | Copyright © 2019 McAfee, LLC