DataSecurity Plus' data leak prevention capability ensures that your organization's data stays safe, secure, and is not leaked outside the organization via removable storage devices. This software also helps prevent the infiltration of harmful malware by blocking USB read, write, and execute actions.
How to write-protect USBs
- Download and install DataSecurity Plus.
- Open the DataSecurity Plus console and select the Data leak prevention module.
- Navigate to Configuration > Prevention Policies > External Device Control.
- Under Configuration, click + Add New Profile at the top-right corner.
- Enter a suitable Profile Name and Profile Description.
- Choose the Actions that you'd like to restrict.
Note:
- To make a pen drive read-only, select Deny Write Access from the list of Actions.
- The Deny Execute Accessstrong> action ensures that malware does not enter the endpoint via USB devices.
- If you want to stop the use of peripheral devices operating on Bluetooth, Wi-Fi, or the CD/DVD Drive, select Block in the corresponding drop-down.
- Click Save
The External Device Control prevention policy is now created.
This newly created profile needs to be added to the Prevention Policies to ensure that it's applied to the desired endpoint devices or groups. Follow the below steps to add the profile to a prevention policy.
- Click Policies on the left pane, and select + Add Policy at the top-right corner.
- Enter a suitable Policy Name and Policy Description.
- Add the endpoint devices or groups for which you want to apply the policy.
- Select the policy that you just created from under the Prevention Policies drop-down, and click Save.
The policy is now applied to the selected endpoint devices and groups and can restrict the configured USB actions.