Skip to main content


Prevent Specific Devices From Running On Your PC


Whether you operate In a business environment or have a shared home network up and running, It's Inevitable that users will plug their devices (USB or otherwise) Into your computers, and perform tasks accordingly thereafter. For the security & safety of your overall setup, It's Important to only allow devices that you trust, hence In this tutorial, I will show you how to prevent specific devices from running on your PC.


What you're about to read, applies to devices of all types, but for the purpose of this article, I will be referencing a USB Stick, also known as a USB Flash Drive. The fact Is, you never know for sure If a given device that's Inserted Into your computer, Is malicious-free. All It takes, Is one nasty virus to Infect your entire network, thus compromising your critical files to the point of losing access to the lot- all due to a particular user Inserting their Infected USB Flash Drive.

Moreover, anyone can copy your data onto their device, and use the Information against your wishes. As such, to minimize the risk of loss or exposure of sensitive material, It's crucial to Implement a removable media policy, whereby you make a list of devices, and prevent those you don't want accessing your systems.

I will demonstrate how to do this, by using the good old Group Policy Editor. Do note that the GPE Is only available In Windows 10 Pro, Enterprise and Education editions. If you're running either of these, then this tutorial will certainly fulfill your needs. So without further delay, let's get this started.

Step One:

When you've made a list of the devices that you want to block, head over to Device Manager by opening the Run menu, entering devmgmt.msc  and hitting OK.


Step Two:

Next, select the device by right-clicking It and choosing Properties. In my case, I will prevent my USB Stick from running on my PC.


Step Three:

Now click on the Details tab and via the drop-down menu, select Class GUID. Under value, copy & paste It Into your favorite text editor. Each device will have It's own GUID, thereby separating It from the rest.


Step Four:

Time to access the Group Policy Editor. Open the Run menu, enter gpedit.msc and hit OK.


Step Five:

The Group Policy Editor will now open, so navigate to the following directory.

Computer Configuration > Administrative Templates > System > Device Installation > Device Installation Restrictions

Then on the right pane, double-click on Prevent installation of devices using drivers that match these setup classes.


Step Six:

To the left of the Window, click the Enabled radio button, hit the checkbox as outlined In orange and then click the Show button.


Step Seven:

Now In the Value field, enter the GUID of the device(s) that you copied In Step Three above. When done, hit OK.


Step Eight:

To finalize the process, simply click Apply > OK.


Last Step:

Plug In the device(s) that you've blocked Into any USB port, and you'll find that they're not recognized by the operating system, thus not functional. As you can see In the Image below, I've tried accessing my USB Stick and an unavailable error message has been returned. Perfect!


Final Thoughts:

Given that the GUID Is unique to every device, preventing access using this methodology Is very effective Indeed. As mentioned at the beginning of this article, you never know for sure whether a particular device Is malicious-free, hence I strongly suggest plugging unknown devices Into a test computer and grabbing the GUID thereafter.

To reverse the change and have the device functioning as per It's original state, refer to Step Six above, click the Enabled radio button and hit OK.



Comments

Popular posts from this blog

How To Decode The Windows 10 Product Key

Every Windows 10 operating system that's Installed and activated on the computer, has what's called a Product Key, that Is either pre-Installed by the manufacturer, or added by the end user when formatting their PC. In order to have a fully-functional OS, It must contain a valid Product Key. Whilst there are many tools that can extract It from the operating system, In this tutorial, I will show you how to manually decode the Product Key.

How To Create A Virtual Machine Using VMware

A virtual machine, often abbreviated as a VM, Is a software program containing an operating system that's Installed on the physical machine (PC), and operates In It's own Isolated environment. Every task performed In the VM, remains there, without affecting the main computer. Every user should have a virtual machine up and running, so In this tutorial, I will demonstrate a detailed guide on how to create & Install a virtual machine on your computer, namely VMware Workstation.

Check The Health Of Your Laptop's Battery

When you first purchase your laptop and fully charge the battery thereafter, It runs at It's optimal state for quite a while. However, over time, It Inevitably decreases In performance, and does not hold It's charge capacity as per It's brand new state. This Is due to wear & tear, and a few other factors. It's very Important to know the condition of your battery, so In this tutorial, I will show you how to view the current status and health of your laptop's battery.