In the corporate world, a lot of time is spent on locking down computers to minimize the risk of confidential information leaving the company. With the popularity of USB storage devices in recent years the problem for large corporations has exploded. Almost all users want to use USB storage devices to move data around. With the size of USB storage devices increasing so much in recent years, the risk is increasing as more and more data could possibly be stolen or lost accidentally. In companies, USB storage devices have been banned completely and disabled from use on company computers.
In Windows Vista there is an alternative that will allow your corporate users to be able to read from USB storage devices but not write any data to them. Effectively turning on USB storage devices for all users but making them read-only. This way users can still read information off of USB storage devices that a third-party vendor may provide data on while preventing the employee from writing any data back to the storage device.
To setup read only USB storage device operation, follow these steps below:
- Click on the Start Button and type in Regedit and hit Enter.
- Navigate through HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control.
- Right click on Control and select New and then Key. Call the new key StorageDevicePolicies.
- Right click on StorageDevicePolicies and select New and then Dword. Call the new dword WriteProtect.
- Right click on WriteProtect and select Properties. Set the value to 1 and hit OK.
The computer is now configured to disable writing to USB storage devices.
