Enhanced USB Drive Security

Overview

This article details the enhanced USB storage security that prevents programs running automatically from USB drives unless they are trusted and signed. 

USB devices are a common vector for malware and unauthorized software in the CCBC network. This enhanced USB drive security restricts untrusted and unsigned processes that originate from USB drives and helps enhance endpoint security by preventing malicious or unauthorized code from running automatically when a USB device is connected.

This article explains what that means, what you can still do with your USB devices, and alternatives for transferring files.

Audience

Faculty, Staff & Students

Process

Why is this being implemented?

  • Prevent malware execution: Many malware strains spread through USB devices by executing harmful code once plugged in.
  • Enhanced security: Restricting untrusted software helps limit attacks that exploit removable media.
  • Enforce software trust: Only allow software verified by trusted certificates to run, maintaining system integrity.
  • Keeps your data and CCBC's data safe: Prevent unauthorized software from accessing or damaging your files.
     

What does this mean for me and my data?

  • Nothing will change how you use your computer when working with Office files such as:
    • Documents (.docx, .pdf, etc.)
    • Pictures (.jpg, .png)
    • Videos (.mp4)
    • Spreadsheets (.xlsx)
  • USB drives that are used with CCBC computers will have additional protections in place that protect you and your device.
  • See next section for more information.
     

What will change?

  • When using a USB storage device with a CCBC device, certain software that has not been vetted by a trusted entity (software publisher, software developer, company, organization, etc.) will not be able to run. 
  • This does NOT impact non-executable/software related files such as Word docs, Excel sheets, PDF files, PowerPoints, and normal office documents as described above.
  • Software that is ran from a USB drive that has been vetted by a trusted entity and subsequently signed will still be able to run from a USB drive.  


What are some alternatives to using USB Drives?

  • OneDrive​​​​​​​: This is recommended to use rather than using USB drives to move or store files and programs. 

OneDrive is:

  • Secure: files are scanned and protected in the cloud.
  • Accessible anywhere: no need to carry a physical device that can get lost or stolen. 
  • Easier file sharing: send links instead of plugging in drives.

Access your OneDrive here by logging in using your CCBC account.

 

Print Article