In recent years the advancement of technology in organizations and companies has increased the efficiency of employees. far more companies feel the urge to use modern technology in their workflow. The paper document and the traditional methods give their places with modern automated flows, emails, sharing resources and tools like DVDs, USB flash drives, and online file sharing.
In the meantime, stolen company information is one of the main concerns of managers and business owners. Perhaps the problems with the use of USB Ports for many of the network administrators of these organizations are evident. Unfortunately, even in special circumstances in our country, many organizations have not paid much attention to this issue.
In general, the organizations react to this subject matter in five main different levels :
- Organizations that do not care about how to use USB ports in their organization.
- Organizations that take security in this area in general and for the entire organization.
- Organizations that have implemented their policies with individuals. For example, some people are allowed to use USB Ports, and others do not.
- Some organizations apply super-hardware policies (for example, by blocking the USB ports in the system) and in some other software.
- Organizations that use existing software to secure the use of USB in their organization.
Looking at the recent developments over the recent years, it is easy to see that many organizations, even ministries, have suffered damages from the area.
Now let's point out factors that reduce security in the event of serious misuse of the use of USB ports :
- Importing files and information from outside the organization to the organization.
- Exporting the files and information from the organization to the outside organization.
- Use of USB ports and connectivity to various systems and the possibility of spreading malware and hacking systems.
- Personal use of USB flash drives in the office hours (viewing camera pictures, listening to music).
The software in this area generally prevents USB drivers connection to a specific system, thereby increasing its security. From our point of view, this method removes the problem and do not increases the security. For example, network administrators can use USB to make changes to the Active Directory settings for some groups of users.
The USB port management and USB flash driver organization module are one of the modules used in the production of Didehban.
This software provides the following features with regard to network administrator policy :
- The software defines multiple users as administrators, and these users will be able to define their authorized USBs from their system.
- Any user will not be able to use their USB drivers until it's authorized.
- In case user connect an unauthorized flash driver to the system, all information from USB will be recorded and administrators will get notified.
- By attaching any organizational flash to the system, information such as the history of the organization, the user assigned to Flash, the manager who created the flash, the system on which the flash authorized, along with other information will be displayed.
If an unauthorized user acquires corporation management software and tries to allow a USB flash drive, Didehban will generate the appropriate alarm and will provide all the information of the person, such as the IP address, user name, system name, date, etc.
Management software will never run on unauthorized systems.
The algorithms used to code the organizational UBS flash drivers are variable and for each organization, depending on the particular circumstances, the combination of one to ten parameters will vary.