1 Reply Latest reply on Mar 17, 2010 2:08 AM by spooter

    What policies do you use to prevent viruses from USB?

      Hi all,

       

      Having a few problems with users plugging in infected USB sticks at the moment.  I think the AV is doing the job but not always sure...

       

      What policies do you use to prevent viruses from USB?

       

      Regards

        • 1. Re: What policies do you use to prevent viruses from USB?

          Spooter,

           

          Firstly we have disabled the autorun feature in windows using group policy as we were finding this was where the majority of infections were coming in from when user plugged in USB sticks etc.

           

          We also set AV access scanner to scan of both read and write to disks. We then created an exclusion for C:\ when reading.


          This gives the effect of scanning when writing to c:\ and scanning when writing and reading to all other drives. This has proved effective against USB hosted nastys.

           

          Finally, we have enabled artemis scanning which seems to be detecting quite a number of files from peoples USB sticks.

           

          Going forward, we are currently dipping our toes in the DLP pool and playing with policies to prevent access of executables from USB sticks and drives.

           

          Tom