Skip to main content

Prevent Specific Devices From Running On Your PC

Whether you operate In a business environment or have a shared home network up and running, It's Inevitable that users will plug their devices (USB or otherwise) Into your computers, and perform tasks accordingly thereafter. For the security & safety of your overall setup, It's Important to only allow devices that you trust, hence In this tutorial, I will show you how to prevent specific devices from running on your PC.

What you're about to read, applies to devices of all types, but for the purpose of this article, I will be referencing a USB Stick, also known as a USB Flash Drive. The fact Is, you never know for sure If a given device that's Inserted Into your computer, Is malicious-free. All It takes, Is one nasty virus to Infect your entire network, thus compromising your critical files to the point of losing access to the lot- all due to a particular user Inserting their Infected USB Flash Drive.

Moreover, anyone can copy your data onto their device, and use the Information against your wishes. As such, to minimize the risk of loss or exposure of sensitive material, It's crucial to Implement a removable media policy, whereby you make a list of devices, and prevent those you don't want accessing your systems.

I will demonstrate how to do this, by using the good old Group Policy Editor. Do note that the GPE Is only available In Windows 10 Pro, Enterprise and Education editions. If you're running either of these, then this tutorial will certainly fulfill your needs. So without further delay, let's get this started.

Step One:

When you've made a list of the devices that you want to block, head over to Device Manager by opening the Run menu, entering devmgmt.msc  and hitting OK.

Step Two:

Next, select the device by right-clicking It and choosing Properties. In my case, I will prevent my USB Stick from running on my PC.

Step Three:

Now click on the Details tab and via the drop-down menu, select Class GUID. Under value, copy & paste It Into your favorite text editor. Each device will have It's own GUID, thereby separating It from the rest.

Step Four:

Time to access the Group Policy Editor. Open the Run menu, enter gpedit.msc and hit OK.

Step Five:

The Group Policy Editor will now open, so navigate to the following directory.

Computer Configuration > Administrative Templates > System > Device Installation > Device Installation Restrictions

Then on the right pane, double-click on Prevent installation of devices using drivers that match these setup classes.

Step Six:

To the left of the Window, click the Enabled radio button, hit the checkbox as outlined In orange and then click the Show button.

Step Seven:

Now In the Value field, enter the GUID of the device(s) that you copied In Step Three above. When done, hit OK.

Step Eight:

To finalize the process, simply click Apply > OK.

Last Step:

Plug In the device(s) that you've blocked Into any USB port, and you'll find that they're not recognized by the operating system, thus not functional. As you can see In the Image below, I've tried accessing my USB Stick and an unavailable error message has been returned. Perfect!

Final Thoughts:

Given that the GUID Is unique to every device, preventing access using this methodology Is very effective Indeed. As mentioned at the beginning of this article, you never know for sure whether a particular device Is malicious-free, hence I strongly suggest plugging unknown devices Into a test computer and grabbing the GUID thereafter.

To reverse the change and have the device functioning as per It's original state, refer to Step Six above, click the Enabled radio button and hit OK.


Popular posts from this blog

How To Decode The Windows 10 Product Key

Every Windows 10 operating system that's Installed and activated on the computer, has what's called a Product Key , that Is either pre-Installed by the manufacturer, or added by the end user when formatting their PC. In order to have a fully-functional OS, It must contain a valid Product Key. Whilst there are many tools that can extract It from the operating system, In this tutorial, I will show you how to manually decode the Product Key.

How To Create A Fake File Of Any File Size

Depending on your business environment or Individual requirements, sometimes there Is the need to test files of a given capacity. Such tests can Include Identifying how well your hard disks perform under heavy read/write operations, or to establish whether files can be securely deleted beyond recovery. Whatever the reason may be, In this tutorial, I will show you how to create a fake file of any file size. 

Add The Briefcase Feature To Windows 10

Since the release of Windows 95 right through to Windows 7, a built-In utility named Briefcase allows you to store and synchronize files between two or more computers, as well as removable media such as a USB flash drive. In Windows 10 however, It's no longer available but It can still be created. As such, In this tutorial, I will show you how to add the Briefcase feature back Into Windows 10 .