Under lock and key

While most virus and security threats stem from the Internet, there is another, seemingly innocuous, carrier of infection. And many of us leave our PCs completely defenceless.

These days, with sophisticated firewalls, antivirus and spyware tools, it can be the PC's USB port that is its weak spot. Is it any wonder? You don't need to be an administrator to install USB or FireWire devices. Almost anyone could plug in a USB thumb drive and expose your PC to potential threats.

If the threat of viruses isn't worrying enough, the thought of someone using your USB port to steal sensitive data certainly will be. And it's a big problem. Microsoft representatives told us of customers who have glued up their staff's PCs' USB ports to prevent such a scenario.

In the wrong hands, storage devices can siphon away valuable cargo faster than the Artful Dodger. And seemingly innocuous iPod music players have been cited as a serious security threat, too.

Known as Podslurping, iPods with their large hard drives, USB 2.0 and FireWire connectivity, can be an ideal tool for file-pilfering. Unconvinced? Head to www.sharp-ideas.net/pod_slurping.php, where security expert Abe Usher has developed a python program to demonstrate how easy it is to lift data. It's sobering stuff.

With XP's casual approach to USB security, it takes a third-party program to install some serious law and order. Smartline's DeviceLock 6.0 can restrict the use of USB, FireWire, Bluetooth and Wi-Fi devices, as well as optical and floppy disc drives. DeviceLock can work in conjunction with the Windows Active Directory, allowing network administrators to apply policies to groups of users, as well as individuals.

There's a free 30-day trial at www.devicelock.com.


1. Download the 30-day trial software of DeviceLock 6.0, log on to your PC as an administrator and install the software, choosing the setup option Service + Consoles. When asked whether you want to set up a DeviceLock certificate, choose to skip for now, as this can be carried out post-installation.

2. During installation you may be prompted for a licence code. Simply click Cancel if you'd prefer to use the 30-day trial period. Once setup is complete, you must decide which devices to allow or restrict access to. For stand-alone systems, the best way to achieve this end is through the DeviceLock Management Console.

3. Open the Device Management Console and, if unselected, click the Show/Hide Tree Console so that you get a split view. From the right-hand pane, double-click DeviceLock Service, select Local Computer and click OK. Trial versions will receive a 30-day trial period reminder. Click to close the prompt box.

4. In the left pane, double-click to expand Smartline DeviceLock and open the DeviceLock Service. Right-click Devices and ensure that the Display Available Devices Only checkbox is ticked. Doing so means that you won't be confronted with a list of options that are not applicable to your computer.

5. Expand the Devices list so that you can see the Permissions and Security setting areas. To change the access privileges for particular classes of device, click on Security Settings. This will display a list of devices and their current status. From here, you can simply right-click to enable or disable the devices.

6. For more selective methods of applying restrictions, click on Permissions. Select the device type from the right-hand pane and double-click to edit it. To alter permissions for several devices at a time, hold down <Shift> or <Ctrl>. The Permissions dialogue box will pop up; from here you can restrict access for individual users or user groups.



If you don't wish to use a program such as DeviceLock, there are some precautions you should take to reduce the risk of data being siphoned away. The most obvious of those is to use passwords to restrict access to Windows.

Ensuring that the boot sequence is set to Hard Drive in the system BIOS, is another good move, so that CDs and USB keys can't be used to boot into Windows. Password-protect the BIOS so that settings can't be changed back.

And ensure that your computer case is reasonably tamperproof. Direct access to the motherboard could allow jumper-tampering, which resets BIOS settings to their defaults - and removes your password protection.


THE ROOT OF THE PROBLEM Rootkit Revealer is a handy free utility which, as the name suggests, scans for hidden rootkit-based malware buried within Windows. It's pretty effective, too, managing to find most of the nasties hidden out of the reach of some antivirus programs. Suitable for Windows NT4 or later (www.sysinternals.com).

SECURITY IS NOT A FANTASY VMware Player allows programs to run while safely contained in a virtual machine - especially handy for unstable beta software. And the

download includes the useful Firefox Web browser. It does require quite a bit of processing grunt, though, so owners of modestly specified PCs may want to skip it (www.vmware.com).

LOCK IT UP ONLINE Rather than risk losing all your data, Carbonite's Online PCBackup will lock up critical files at a remote backup site. This is also ideal for when you need to access files from multiple locations but cannot transport your PC - just access them online (www.carbonite.com).

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Michael Haynes

PC World
Show Comments


James Cook University - Master of Data Science Online Course

Learn more >




Back To Business Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?