Today a desktop computer equipped with a CD writer or a DVD burner is very rare in most of the companies. But a much larger security threat is posed by the open USB ports where mischievous office workers can just plugin the Flash Pen Drive, External Hard Disk or their iPod music player and transfer corporate data or even copy licensed software to their memory sticks in seconds. Sometimes even used for delivering trojans or spyware into the companies networks.
So called SMART ADMINISTRATORS disabled USB Drive access by changing the BIOS settings and then locking it up with a "PASSWORD". Even though they are a step ahead as we don't know the password for BIOS but it is not a fool proof way. As BIOS password can be broken in a simple way.
While some ADMINS simply remove the USB port option to the PC. While some for temporary restriction simply disable "Write Access" to USB port so that no one can copy data files from PC into a USB. Let us see how to disable WRITE PROTECTION option.
NOTE: It is the time to make hands dirty so backup the Registry.
Open the Windows Registry by giving "regedit" command in command prompt. If regedit is not disabled then you can see the registry editor. Now on the Left side of the editor open the following registry key
If your sysadmin has enabled WRITE protection then you can see a DWORD called WriteProtect with its value as 1 in the Right side of the editor. Set the value of WriteProtect as 0 to disable the write protection.
Note: Remember that the above trick works only with Windows XP SP2.
If you like to go a step further and enable connecting USB storage devices to their computers, Open registry and navigate to the following registry key:
Now in the Right pane of the registry editor you can see a DWORD called Start with its value as 4 (Hexadecimal). Change the value to 3 to enable the USB storage devices.