Quite often we hear about how bad USB storage devices are, and how we should block access to them. More often than not, corporations have the policy to block USB drives for a significant part of their organization.
While USB drives can be bad, and access to them should be limited, quite often these policies are not applied. The reason being, that sometimes we need access to a particular USB drive.
USB storage solutions often focus heavily on making sure external storage cannot be used. What they do not focus on, is the ability to make the process of approving USB drives simple, while setting limitations around USB drives.
For example - Say you have a policy that no USB drives can be used, but someone in your organization needs to upload photos to your network from a digital camera. With Storage Device Control software, quite often you are left with a complicated process to permit that device, and then the device is allowed for any types of files.
In the real world, I.T. professions need to make exceptions to rules. They need adjustable parameters, and they need the ability to audit the results of these policies. Businesses need to take a more pragmatic approach to security. They need to permit only what is required and trust nothing else. But that does not mean making it difficult to permit what is required.
ThreatLocker Storage Control makes things very simple. Your I.T. administrator can create straightforward policies to block access to external storage devices. If your users have a legitimate requirement to access a storage device, administrators can open up access to specific devices on an as-needed basis within a few seconds, and with a single click.
It is also extremely important not to grant more access than is required. It is not enough to say a user needs access to a specific camera. The camera should be locked down to only permit access to its specified need, namely - This user can only read jpg files from this device.
ThreatLocker policies give a lot of flexibility when it comes to restricting access to storage devices. Including the ability to limit access to a storage device, not only to a user, computer or group, but also the ability to restrict access to a specific file type, application or even, period of time.