GiliSoft USB Lock is an endpoint data loss prevention (DLP) suite designed to lock USB ports, block unauthorized devices, and prevent sensitive data leakage. Installation Step-by-Step
Download: Obtain the latest installation wizard from the official GiliSoft USB Lock product page.
Execute Setup: Run the installer file as an Administrator on the target Windows PC.
Set Account Password: Create a strong master password during setup.
Link Recovery Email: Provide a valid administrative email address to recover the software if the master password is forgotten.
Finish Wizard: Follow the remaining screen prompts and restart your system if prompted. Configuration for Maximum Security
To optimize GiliSoft USB Lock for maximum data defense, configure its controls across these distinct security vectors: 1. Implement Strict USB Storage Restrictions
Prevent external hardware from copying corporate data or introducing malware. Navigate to the USB & Disk Restrictions menu.
Select Disable Reading USB Disk or Disable Writing USB Disk depending on your operational needs.
For absolute lockdown, select Disable USB Disk entirely to render unknown flash drives invisible to Windows. 2. Deploy a Trusted-Device Whitelist
Allow essential corporate hardware to function while blocking employee-owned media. Click on the Whitelist / Trusted Devices setting. Insert an approved, company-issued USB drive.
Click Add to tie that specific device’s hardware ID to the exception profile. 3. Secure Peripheral and Network Ports
USB ports are not the only exfiltration vector; lock down secondary communication channels. Navigate to Device Control within the sidebar.
Check the boxes to disable Bluetooth, Infrared, Com LPT Ports, and 1394 (FireWire) connections.
Set the DVD/CD Burner status to Read-Only to prevent data burning while still allowing disc reading. 4. Turn On Tamper-Proof Protections
Ensure bad actors or standard users cannot bypass the restrictions you put in place.
Go to the application options and enable Password Protect the Application to lock settings changes.
Enable Alarm Notifications under settings to trigger a system alert if someone repeatedly attempts to modify the software or uses a forbidden device.
Turn on USB Monitoring to silently log all insertion histories, blocked actions, and file activities to a secure file log. 5. Restrict Web and Local Application Access
Use the Website Lock tab to blacklist file-sharing networks, cloud storage services, and webmail portals to block secondary digital data leaks.
Use the Programs Lock tab to forbid the execution of Registry tools, command prompts, or alternative file managers that could be used to bypass DLP restrictions. Security Best Practices Matrix Operational Need Best Configuration Choice Impact on Security Shared/Front Desk Workstations Disable USB Disk Storage Completely High protection against rogue physical drops. Active Employee Workflows Deploy Device Whitelist Tracking Restricts data transfers to vetted company hardware. Remote System Maintenance Block Program Execution (Registry/CMD) Stops users from killing the security process. If you want to move forward, tell me:
Are you deploying this on a single personal PC or across multiple employee workstations?
Do your users need access to any specific USB devices like mice, keyboards, or printers? How to Use USB Lock – User Guide for Windows – GiliSoft
Leave a Reply