Using USB for data transfer is risky?

[ChaluCh]

I have recently started using the USB pen drive for transferring the data. Since, I am not having much knowledge about the data transfer I want to ask here some queries. My friends told me that using USB for data transfer is not safe, its risky.!! I am not able to understand why many (even experts) say like this..??!! Since, you people have helped me last time, I thought to clear my doubt here. So I am back. Just tell me that is really using USB for data transfer is risky? Please tell me everything in details. I am hoping that I will get the some solutions soon.

[afidelino]

There is no easy task, computer systems or even entire networks against hacker attacks, viruses or other security threats to secure. This will confirm any IT managers and administrators, it can also obviously be no absolute security. Thus, the systems and the corporate network not only with anti-virus programs and firewalls equipped. Instead, users are consuming measures to authenticate as important as solutions, intruders can quickly find the (IDS - Intrusion Detection) or illicit flow of data prevent the (DLP - Data Loss Prevention). Since these types of problems for quite a while there, system administrators and users have been on the XP systems looking for a way to regulate access to the USB ports on the operating system. In the absence of relevant skills has been integrated into the operating system to, as so often in the older Windows systems to access the registration database (registry) is selected. Any experienced system experts will confirm, however, that a change has affected "by hand" at this central Windows database to manage the system and its services are at high risk: changes that are done there are always activated immediately and may, accordingly, a Windows system damage the long term.

[Jevin]

Nevertheless, this attitude, which has installed USB drives is off, so the user can not use it, still used. One of its advantages is that it works on both old and the new Windows systems. To do this in the registry key set HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ USBSTOR the hexadecimal value of the entry "Start" to 4. Thereafter, a user can still use USB devices like keyboard and mouse, but will not be able to access storage devices. The handling of this method is very complicated, because a system administrator needs to incorporate a call to the Registry Editor's login script. It also must ensure that this setting is also effective for new equipment (through another script), because Windows always when installing a new device at this point enters the value 3, which allows access.

[Aienstaien]

In many cases, it is particularly in smaller companies a gap overlook the dangers have also increased substantially by the rapid advances in consumer devices: the peripheral devices to each PC, and most particularly the devices connected via USB ports to the PC be. Was it at the time of the 3.5-inch floppy disk or a maximum of 1.4 megabytes of data on a disk with it could cause a user, there are now USB flash drives with several gigabytes of storage space or even portable hard drives that are easily also hold some 500 gigabytes of data. The USB ports have universal interface developed on the memory sticks and consumer devices such as smartphones, cameras and MP3 players can be connected to the storage capacity of tens of gigabytes make available as well - can then quickly complete customer database "travel" to go. It does not even have malicious intent behind the "brain drain" to insert the data - more and more security experts warn of the dangers posed by lost USB sticks or portable devices that are sensitive data. Many companies therefore conduct a policy that would permit a storage of data on external devices only when they are dropped on it according encrypted. Users and companies that only with new operating systems like Windows 7 can work, this integrated functionality Bitlocker use the operating system, a transparent encryption, use data on USB devices.

[Rixwel]

You have looked at solutions use so-called agents. It is an independent, executable programs, which in most cases as Windows on the monitored system to be installed service. Typically, a system administrator can succeed with their help in solving the previously created policies on the PCs. All solutions can thereby use white or black lists. These are lists of devices, their use is permitted or prohibited on the PCs. Here, the practical experience that block principle in most cases the use of white lists that enumerate all allowed devices and all others, is more appropriate: The use of a blacklist, which blocks only appear on the list of devices currently protect almost from unknown devices. It is also important that the user may have no way to manipulate these agents in any way, or even removed by means of its access rights to their PC easily. Therefore also have a number of security companies on the endpoint security and thus for, inter alia, the protection and monitoring of USB devices on the flag and offer appropriate solutions. The spectrum ranges from simple tools to verify the connected USB devices up to complete security suites, which allow also involving an existing directory service to roll out the necessary guidelines on the corporate network. We have listed an overview of five companies that offer such solutions. This list is by no means exhaustive and is also is not an evaluation, the programs presented here are examples of the variety of solutions to offer the Mark added.

[Langward]

However, these approaches, a system not well protected from unknown devices. In addition, they allow a system administrator, or very little inadequate, certain individual devices (such as the iPod manager on his computer) to allow the lock or explicitly. Furthermore, these opportunities require very precise knowledge of the system and a considerable effort by the administrator. Applies to the endpoints of a larger network monitor, it will be important in choosing such a solution, how well and easy it is to manage. Here also, all the manufacturers we surveyed to a central console that can be managed from which in principle all tasks. Especially administrators a great Windows - network have to look after, it also helps to find useful, especially if they seamlessly integrates with existing management consoles as possible. We found it particularly useful, for example, that the solution of DriveLock a Snap-in for MMC (Microsoft Management Console) systems has to offer the Windows. For larger networks, it is also important that seamless integration is offered in the used directory service like Active Directory, so that for example a targeted user groups can be excluded from the use of certain devices. Even this requirement is considered by all of us full of solutions, which as a rule, the use of Active Directory directory service and identity eDirectory is supported by Novell.

[RogerFielden]

Among them is an application called USBDeview, attached peripherals may be used for the control. This tool is small and portable and requires no installation. Directly after starting the program shows not only all USB devices that are currently connected to the appropriate Windows system, lists but - similar to the previously presented professional programs - including all the terminals, which previously even with the computer were connected. Even here, a system administrator, please read insightful: Show him the tools yet to clearly whether an employee such as unlawful, be smart phone has a computer connected with. It is very helpful especially the wealth of information that are displayed by USBDeview: While there are certainly devices which appear only with the description, "USB mass storage device", but a glance at the column with the name of the manufacturer can then have more accurate information about the device used to give. The timing of the last connection of the device with the system is listed, so if in doubt even understand when an employee of a particular hardware is connected and used.

[Pkkadam]

USB is the most easiest way of data transfer thats why it is not very secure for very important or very sensitive but if you using it for normal use like media and programs it is good but even that there is risk of trogens what cost total data lost so be alert when connecting to others system there are some programs who copy all data in c drive