Linking USB drive to match Windows password

I work for a housing authority which is arms length managed by a local authority.

We have recently had software called PGP endpoint installed which will be used to lock down the use of USB drives.  This is to conform to CoCO "Government Code of Connection"

So long as we put in a genuine request to their IT department we will be authorised to use a USB drive specifically on our 1 works computer.  

However, we lose flexibility of being able to share large files and does not actually prevent users from storing personal data on a drive that does not have it's own password.

I was wondering if there was anything out there that would enable us to syncronise our USB drive to our windows account.  Each 45 days our windows password expires and requires changing, wouldn't it be good if some how our Windows password also became the password for our USB drive which also expired after 45 days and required connecting back to the office computer each 45 day period.

I know there are lots of secure USB drives with thumb print and password facilities, however, we already have 100's of standard USB drives so to reutilise these would be ideal.
LVL 2
auraorangeAsked:
Who is Participating?
 
☠ MASQ ☠Commented:
Before looking at the synchronisation issue let's look at reusing your USB memory sticks.

Can you not share large files over networked fileshares?  Why do you need to remove them from the secured network?  It would need to be a good business case for the host organisation to compromise like this.

If your organisation is going to be GSI CoCo compliant you must as a minimum have any removable media, including USB removable storage and CD/DVD encrypted with AES 256 Bit encryption (ISO 27001 11.4.7).

Without admin access to the system the only USB encryption that will work requires the hardware to contain the encryption technology which will limit you to something like the IronKey range.

If users have admin rights then they can simply change setting preventing them from using unsecured drives.

Open source solutions like TrueCrypt which would meet the standards you need still need to run the decryption software on the local machine.

If the organisation is serious about GSI then I can't see them allowing you to use the old drives on the secured network.  There's nothing the media like better than a lost USB stick with confidential information on it!

0
 
LeeTutorretiredCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.