Disabling USB thumbdrive access on an OSX account - for security issues
Hi
I have series of 'secure' meeting rooms with Macs for taking notes and developing and viewing documents.
The documents are transferred by specific admin staff to and from the machines to a secure network server located in a nearby location.
The machines are not networked in any way at all ie. no ethernet or wireless allowed and consequently not connected to any server.
They have usb connected laser printers, for basic record keeping and proofs etc, a keyboard and mouse, and they are spec'ed with CDROM drives only so that burning CD's and DVD's is impossible.
As well as english commonly used software like MS word, CS studio etc. I have several non-english page design/layout software packages running on them that allow multiple different languages to be viewed in them - so we dont use simple finder - just the basic OSX parental controls - which works fine atm.
Currently the admin staff have an admin account and we let them do all the transfer of files on and off the mcahines - wipe the files etc using the admin account.
However - now due to issues with 'unauthorised' USB drives being taken in to these 'secure' rooms 'inadvertently' and possibly purposely - I now need to disable completely the ability to access USB thumbdrives from the controlled account - ie. no read or write access. [except on the admin account]
How can i do this? .
..and still maintain read/write access to them via the Admin account?
Parental controls seems rather limited for this purpose of limiting device access for saving etc.
Is there an alternative way to limit access to USB devices?
Any suggestions welcome.
Thanks
Message was edited by: fluids
I have series of 'secure' meeting rooms with Macs for taking notes and developing and viewing documents.
The documents are transferred by specific admin staff to and from the machines to a secure network server located in a nearby location.
The machines are not networked in any way at all ie. no ethernet or wireless allowed and consequently not connected to any server.
They have usb connected laser printers, for basic record keeping and proofs etc, a keyboard and mouse, and they are spec'ed with CDROM drives only so that burning CD's and DVD's is impossible.
As well as english commonly used software like MS word, CS studio etc. I have several non-english page design/layout software packages running on them that allow multiple different languages to be viewed in them - so we dont use simple finder - just the basic OSX parental controls - which works fine atm.
Currently the admin staff have an admin account and we let them do all the transfer of files on and off the mcahines - wipe the files etc using the admin account.
However - now due to issues with 'unauthorised' USB drives being taken in to these 'secure' rooms 'inadvertently' and possibly purposely - I now need to disable completely the ability to access USB thumbdrives from the controlled account - ie. no read or write access. [except on the admin account]
How can i do this? .
..and still maintain read/write access to them via the Admin account?
Parental controls seems rather limited for this purpose of limiting device access for saving etc.
Is there an alternative way to limit access to USB devices?
Any suggestions welcome.
Thanks
Message was edited by: fluids
Towers, Powerbooks, Xserves, iMacs etc., Mac OS X (10.4.10)
