- CD and DVD Drives - All optical devices which includes HD-DVD and Blu-Ray drives.
- Floppy Drives - Floppy disk drives, including USB Floppy Disks.
- Removable Disks - Flash memory or hard drive based removable disks connected via USB or Firewire.
- Tape Drives - All classes of linear tape device.
- WPD Devices - Windows Portable Devices. Windows-based smartphones, media players, auxiliary displays and CE devices.
The restrictions can also be controlled through these registry settings:User Configuration \Administrative Templates \System \Removable Storage Access
Computer Configuration \Administrative Templates \System \Removable Storage Access
More Info MS Technet : Group policies in Windows Vista/2008
To make a restriction for a device-type, create a registry-key matching the device type:[HKEY_LOCAL_MACHINE \Software \Policies \Microsoft \Windows \RemovableStorageDevices]
- CD and DVD Drives - {53f56308-b6bf-11d0-94f2-00a0c91efb8b}
- Floppy Drives - {53f56311-b6bf-11d0-94f2-00a0c91efb8b}
- Removable Disks - {53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
- Tape Drives - {53f5630b-b6bf-11d0-94f2-00a0c91efb8b}
- WPD Devices needs two keys:
- {6AC27878-A6FA-4155-BA85-F98F491D4F33}
- {F33FDC04-D1AC-4E8E-9A30-19BBD4B108AE}
- Deny_Read - Enabled = 1 / Disabled = 0
- Deny_Write - Enabled = 1 / Disabled = 0
Credits Sanx.org
This post refers to Windows Vista and Windows 2008 environments. Will the GPO also handle Windows XP for restricitng access to removable storage devices?
See Restrict access to USB storage devices for WinXP settings. And see client side extensions for how to implement standard registry settings as group policy.
If you want the extra security then you need to upgrade to Windows Vista/2008/7.