There are many attack vectors that IT admins must secure to ensure that their organization is properly protected. One of these key risk areas is USB storage devices. USB sticks have been known to carry malware, and, on the other side of the spectrum, malicious end users have also been known to use these USB ports to plug in external hard drives and copy data. Either way, these are both significant attack vectors that IT must shut down. For many organizations, there is rarely even a need to have USB storage devices inserted into the machines. Rather than leaving this attack vector open, it is critical that these IT organizations have the ability to control the use of these USB storage devices. In this post, we will examine how IT admins can disable USB storage devices on Macs with ease.
Policy Control on Macs?
The biggest difficulty with this security protocol is figuring out the best way to implement and enforce it. Training, of course, is the first method to gain compliance, but even then many end users will either forget to follow through or ignore it. For some, the convenience of using a USB thumb drive or attaching an external hard drive may be too much to walk away from. There is a better route though: setting a Policy over the Mac machine to automatically implement the change and enforce it going forward.
But wait, a policy? Aren’t Group Policy Objects (GPOs) only available for Windows® systems?
You’re right. GPOs are a Microsoft® Active Directory® concept that have allowed IT admins to gain intricate control over their Windows systems. But, this doesn’t mean the concept of policies is limited to Microsoft. As a matter of fact, JumpCloud Directory-as-a-Service® released a Policies feature and it is providing admins with GPO-like control over all systems (Mac, Windows, Linux) in their environment.
With JumpCloud’s Policies feature, admins can easily and quickly set a policy to disable the ability to connect a USB storage device into an end user’s Mac. This policy can be set via the (Read more...)
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Jon Griffin. Read the original post at: https://jumpcloud.com/blog/disable-usb-storage-devices-on-macs/