Am new around here, so hope I have this thread in the right place.
We had an issue where a visitor to the school (supporting staff on an area of work) brought in some information on a memory stick, popped it into a USB port and a virus message came up. Both the visitor and the teacher she was with informed me as soon as they saw me, I did the usual virus scans etc and nothing was detected on our site.
Mentioned it to the head and asked what the policy was with regard to memory sticks and other data being brought into the school - there isn't one! Mainly from the point of view of it being difficult / impossible to enforce (I am on site only 6 hrs per week). We do have a policy of checking all software before it's installed though - partly from a licensing point of view as well of course.
Just wondering what other sites do about memory sticks and other disks containing information - do you have any workable policies? Or do you just make sure the virus software is bang up-to-date!
The only bit of policy that we have which relates to memory sticks is that staff should not keep confidential information on their memory sticks.
Its pretty common sense but wasn't included until the recent problems that have come out in the press re sensitive data.
If/when we get Windows 7 we would probably go down the TPM/Bitlocker route with Notebooks which is part of that concept to.
I don't think many people have, it was something that was included in Vista but because the techonlogy didnt exist to fully implment it the idea wasn't fully adopted.
It looks better than ever in Windows 7 though so it might come in handy.