Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
504 Views 5 Replies Latest reply: Jan 9, 2014 7:13 AM by rmetzger RSS
romainl Newcomer 2 posts since
Jan 7, 2014
Currently Being Moderated

Jan 7, 2014 3:52 AM

Automatic USB scan

Happy new year to everybody.

 

 

I work in a french hospital. We use McAfee Enterprise 8.8.

 

Doctors use more and more usb flash drives, and i guess that can cause some problems. Is there a possibility to set-up an automatic scan when the user inserts the drive, before he can use it ? If so, can you tell me how to do it (or at least, give me a link to a documentation - tutorial, i didn't find it !)

 

If not, i will have to disable all USB ports but i'm not sure people will like this solution

 

Thanks a lot,

 

Ce message a été modifié par: romainl on 07/01/14 03:52:29 CST
  • Ex_Brit Volunteer Moderator 59,528 posts since
    May 6, 2004
    Currently Being Moderated
    1. Jan 7, 2014 4:57 AM (in response to romainl)
    Re: Automatic USB scan

    Moved to VSE for better support.


    https://community.mcafee.com/servlet/JiveServlet/downloadImage/2-143933-5189/78-49/Peter.gif
    Toronto • Canada
    Volunteer Moderator
    I can't help you privately - please post in the Forums
    Use Advanced Forum Search To Find Answers
    Beta Test McAfee Products For PC & MAC
    How To Fix File Associations in Windows
    XP & Office 2003 End-Of-Life - 08 April, 2014
    Anti-Spyware/Malware & Hijacker Tools
  • rmetzger Champion 566 posts since
    Jan 4, 2005
    Currently Being Moderated
    2. Jan 8, 2014 3:03 PM (in response to romainl)
    Re: Automatic USB scan

    Hi romainl

     

    Welcome to the forums.

    romainl wrote:

     

    I work in a french hospital. We use McAfee Enterprise 8.8.

     

    Doctors use more and more usb flash drives, and i guess that can cause some problems. Is there a possibility to set-up an automatic scan when the user inserts the drive, before he can use it ? If so, can you tell me how to do it (or at least, give me a link to a documentation - tutorial, i didn't find it !)

     

    If not, i will have to disable all USB ports but i'm not sure people will like this solution

    Scanning entire USB (flash) drives 'automatically' is not very effective at stopping malware. It is very effective at killing performance and making USB drives useless. Performance issues with the USB interface, coupled with the recent incredible sizes of new USB attached drives can make scanning the entire drive so painfully slow that your doctors would find the system unusable.

     

    A better strategy is to scan all files upon Read and Write to the drive. As long as this is done, scanning the entire external drive is simply redundant without value. The On-Access Scanner can handle this nicely without the performance penalty of scanning the entire drive. Scanning the entire external drive before allowing access is simply a plecebo scan, used to placate the uninformed or the paranoid.

     

    Make sure that from the Control Panel:

    On-Access Scan Properties>All Processes>Scan Items>Scan Files

         Check "When reading from disk"

     

    Make the equivalent settings change from ePO if available.

     

    This will ensure that any file on the USB drive is scanned prior to execution (autorun or otherwise).

     

    This setting should be in place regardless of external drives as this is an Absolute Requirement for stopping many forms of malware, for internal drives too.

     

    In addition, make sure that from the Control Panel:

    On-Access Scan Properties>All Processes>Scan Items>Scan Files

         Check "When writing to disk"

     

    to ensure that files written to the USB drive are scanned during the write process.

     

    These 2 settings should protect against spreading malware when keeping the signature files completely up to date.

     

    Of course a bigger problem is the loss of control of information sent to a USB drive out of the control of Security. Are doctors taking this info home? What is the security status of the non-hospital controlled PCs that these drives are subsequently used? Can you ensure patient privacy?

     

    So, possibly disabling USB ports may be a solution. Check out McAfee DLP (Data Loss Prevention).

     

    Good luck,

    Ron Metzger

     

    Message was edited by: rmetzger on 1/8/14 3:54:50 PM EST

     

    Message was edited by: rmetzger on 1/8/14 4:03:32 PM EST
  • rmetzger Champion 566 posts since
    Jan 4, 2005
    Currently Being Moderated
    3. Jan 8, 2014 3:17 PM (in response to romainl)
    Re: Automatic USB scan

    Hi romainl,

     

    Check out this Entire thread for some good info.

    https://community.mcafee.com/thread/51185?start=0&tstart=0

     

    Ron Metzger

  • rmetzger Champion 566 posts since
    Jan 4, 2005
    Currently Being Moderated
    5. Jan 9, 2014 7:13 AM (in response to romainl)
    Re: Automatic USB scan

    Your welcome, and good luck.

     

    Ron Metzger

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points