Long Arrow Right External Link angle-right Search Times Spinner angle-left

Blocking and Permitting USB Drives

Deciding what you would like to lockdown in your environment as well as how you would like to lockdown your environment is a vital part of achieving optimum security. Within this scope, falls the use of USB drives. Managing and addressing USB drives is an essential part of security as they are a potential threat to corporate data. There are of course, certain cases in which you might need to authorize the use of USB drives, so here we will cover our bases, demonstrating how to block USB drives, in addition to how to permit them.

Blocking USBs

In this example we are creating the Deny policy at the group level.

  • In the ThreatLocker Portal, navigate to 'Storage Control' -> 'Policies'.
  • On the top right corner, select the group in which you would like to place your policy.
undefined
  • Select 'New Storage Policy' at the top left corner to open a pop-up window.
undefined
  • Enter in a name for the policy, and select 'Deny' -> 'Read and Write' as shown below.
undefined
  • Under 'What type of interface should this apply to (e.g. USB or SATA)?', select 'Select an interface' -> 'USB'.
undefined
  • Once the necessary changes have been made, select 'Save'.
undefined
  • Select 'Click to Deploy Policies'.
undefined

Within 60 seconds, all USB Storage Devices within the selected group will be blocked.

Permitting USBs

For this example we will permit all USB drives on an individual computer.

  • Navigate to 'Storage Control' -> 'Policies' from the ThreatLocker Portal.
  • In the top right-hand corner, select the desired computer.
undefined
  • Select 'New Storage Policy' on the top left-hand corner to open up a pop-up window.
undefined
  • Enter a name for the permit policy and ensure that 'Permit' is selected along with your preference if read, write, or both should be allowed.
undefined
  • Under 'What type of interface should this apply to (e.g. USB or SATA)?', select 'Select an interface' -> 'USB'.
undefined
  • Select 'Save'.
undefined
  • Select 'Click to Deploy Policies'.
undefined

Within 60 seconds, all usb drives will be permitted on the specified computer.