This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 2.5 License.
The following was posted to Web4Lib this afternoon:
Subject: Disable USB drives on public computers
“This article provides a way to do this, while still allowing the use of USB peripherals such as mouse, keyboard or scanner. This only disables the storage drivers. This could have uses in preventing users from copying data from the computer, or running un-approved software from a portable device.”
The posting also included a link to the article which itself included downloadable software to make it even easier to disable a patron’s ability to use a USB drive. You may correctly assume that I’m not posting the link because I strongly disapprove of librarians doing any such thing. If you insist this is a must for your library you’ll need to go find the instructions and/or tool yourself as I’ll have no part in it.
The reasons for not disabling USB drive access are:
There are arguments for denying the USB of USB drives. They are:
Well there are solutions to both of these potential hazards that do not involve denying all of the legitimate uses of these devices. In the case of the first potential problem, set the computer’s BIOS to only boot from the hard drive (as you should have already done to prevent people from booting from floppies,) and set a password on the BIOS to prevent anyone from changing those settings. (Again, something you should already have done. Potential problem number one solved.
As for potential problem number two; use something like Windows Dish Protection, Centurion Guard, or, my personal favorite, Deep Freeze. If someone installs something on your computer, just reboot and it’s gone. Potential problem number two solved.
So, answer the question I posed in the title of this post, there’s no security risk from USB drives that can’t be solved in ways that won’t also hurt the other 99% of your patrons.