Device Control

The threat of unauthorized use of USB key drives or other removable storage device installation on client computers creates significant security risks for many organizations. A malicious user can potentially use a removable storage device to steal a company’s intellectual property. An attacker could also use a removable storage device with malicious software configured on it that includes an “Autorun” script to install malicious software on an unattended client computer. Windows Vista enables IT administrators to use Group Policy to help manage installation of unsupported or unauthorized devices. For example, you can allow users to install entire classes of devices (such as printers), but disallow any kind of removable storage device. An administrator is allowed to override these policies to install authorized hardware. Windows Vista now also supports user-level access controls for read and write access to installed devices. For example, you can allow full read and write access to an installed device such as a USB flash drive to one user account, but only allow read access to another user account on the same computer. Additional information about device control and how you can configure it is included in Microsoft’s Step-By-Step Guide to Controlling Device Installation and Usage with Group Policy

Belgeci , 2280 belge yazmış

Cevap Gönderin