Windows has a feature named "Automount", whereby by default, It automatically mounts a file system and assigns a drive letter to any USB device (or otherwise) that's plugged Into the system. A typical example of this, Is when you Insert your USB stick and It's contents are readily available. In this tutorial, I will show you how to disable automount for all new devices, hence the moment they're Inserted, they will not be recognized by the operating system.
Before I begin, I'd like to reiterate that this apples to new devices that have never been used on the system of which this setting Is applied on. Devices that have been previously plugged In, will continue to function as normal.
So what's the purpose of this? Well, you'd obviously consider currently-used devices as trusted, thus I don't see the need to restrict access to these. As such, If someone with malicious Intent has physical access to your computer and wishes to Inject a virus by plugging In a USB stick, the automount feature will not recognize It's file system and consequently, reject the device.
To disable the automount feature, I will be using a native Windows tool named Diskpart, which operates via the Command Prompt. The process Is a lot easier than you'd Imagine, so let's rip Into this tutorial.
To access Diskpart, open the Search bar and enter cmd. Then right-click Command Prompt at the top, and select Run as administrator.
Next, type diskpart and hit the Enter key on your keyboard. Diskpart will now be ready to use.
To make sure that automount Is currently enabled, type automount and press Enter. You will then see a message of Automatic mounting of new volumes enabled, meaning every new device plugged In will operate as per normal.
It's now time to disable the automount feature for all new devices. Type automount disable and hit the Enter key. Essentially, from this point forward, every new device that's Inserted Into the system, will not function. The message of Automatic mounting of new volumes disabled, confirms that the setting has taken effect.
To put this to the test, I've plugged In my 2 TB USB external HDD, that was not previously used on my computer. As you can see, I've navigated to Disk Management and my HDD Is listed there, however the drive Icon Is not mounted In Windows Explorer. Ultimately, automount has not assigned a drive letter nor a file system to It, therefore It cannot be accessed.
To reverse all changes, simply type automount enable and hit Enter on your keyboard. Previous and new devices will now function as usual. The Automatic mounting of new volumes enabled message, confirms It.
Although this setting can be disabled with ease by someone with malicious Intent (and Insert the USB stick thereafter), given there's quite a number of methods to prevent USB devices and the like from executing, the user will never know for sure as to what methodology has been applied.
Diskpart Is a powerful tool defaulted to the Windows platform and the good thing about this Implementation, Is that It's not commonly-used or known by the majority of computational users.