Preventing write operations to USB block storage devices
My colleague Julius sent this handy tip around on email the other day, and didn't blog about it - so I have! Although it may be more appropriate if you're a security guy, you may find it of use .
Controlling block storage devices on USB buses
What does controlling block storage devices on USB buses do?
This feature provides the ability to set a registry key that will prevent write operations to USB block storage devices, such as memory sticks. When this registry key is enabled, the devices function only as read-only devices. You can implement this setting as part of a security strategy to prevent users from transporting data using these devices.
Who does this feature apply to?
• | Users who do not want data to be written from their computer to a USB storage device. |
• | IT professionals who want to implement organization controls over the use of USB block storage devices |
What settings are added or changed in Windows XP Service Pack 2
Setting name | Location | Default value | Possible values |
WriteProtect | HKEY_LOCAL_MACHINE\System\ CurrentControlSet\Control \StorageDevicePolicies | DWORD=0 | 0 - Disabled 1 - Enabled |
Thanks Julius ...!