Slashdot Mirror

← Back to Stories (view on slashdot.org)

How to Prevent IP Theft by Your Own Employees?

Posted by Cliff on from the corporate-espionage dept.

Cursed by USB asks: "We are a small software startup based in India. Recently one of our employees was caught trying to steal our IP (work) from a computer using a USB thumb drive. While all the staff computers are devoid of floppy drives, cd writers and internet connections, we simply cannot disable the USB ports since there are a lot of USB enabled peripherals that we use. Apart from trying to hire "trustworthy" people, are there any other bright ideas that Slashdot readers might have in this regard to help prevent such theft from workplace?"

7 of 236 comments (clear)

  1. One idea by DamienMcKenna · · Score: 3, Informative

    One idea would be to protect yourself.

  2. USB Device Scanner by Glamdrlng · · Score: 3, Informative

    It's not a total solution, but GFI Network Security Scanner (used to be LANGuard) can scan for unauthorized USB devices and fire off an alert if it detect one on a scan. Demo available at http://www.gfi.com/lannetscan/.

    --

    Yes, my only tool is a hammer. And you're starting to look like a nail.
  3. Registry control by brontus3927 · · Score: 5, Informative
    If you are using Windows XP with SP2 you can keep block storage devices from being written to. If you have XP but not SP2, this would be a good reason to install the service pack. If your don't have XP, try searching google for software that will provide the functionality
    Start -> Run: regedit

    Find the following key:

    Hive: HKEY_LOCAL_MACHINE
    Key: System\CurrentControlSet\Control \StorageDevicePolicies
    Name: WriteProtect
    Data Type: REG_DWORD
    Value: 0
    This allows writing. Change the value to 1. This will prevent writing. Save your registry and reboot. Of course, it's always recomended to backup your registry before making changes.

    Allegedly, Longhorn will have this control without having to hack the registry.

    --
    Free MacMini
  4. If you're using Linux, you have two options: by Trelane · · Score: 4, Informative
    1. Remove support for USB Mass Storage in the kernel and remove any usb mass storage drivers in the kernel (also disable firewire or do the same for firewire devices)
    2. (if you use 2.6.x or later and udev) Modify your udev rules to make usb mass storage devices (and whatever devices you wish) to appear where you want it to (e.g. in a mode 000 directory) and with the user/group and perms you want it to have.
    --

    --
    Given enough personal experience, all stereotypes are shallow.
  5. Mod Parent Up by j0nb0y · · Score: 3, Informative

    Some problems just can't be solved with technology...

    --
    If you had super powers, would you use them for good, or for awesome?
  6. If you are running Windows XP.... by sybarite · · Score: 5, Informative

    ...you can edit the following registry key to change the value of Start from 3 to 4. This will disable the USBSTOR.SYS driver preventing the use of USB filesystems. It will not disable other types of USB devices.

    HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR

  7. Re:Mistakes by Ithika · · Score: 3, Informative
    But copyright is on your side. You have two years of research and intimate knowledge of the subject to prove you did it (plus, no doubt, grant applications and research statements). The university will have regular offsite backups going back quite a while, all showing what you were doing, which will be fairly hard to forge. The thief has only your results.

    This kind of thing has been tried before; and failed.

    --
    the layman's guide to computer science