The USB Port and Storage Card Management Tool is a PowerShell script that allows administrators and users to easily activate, stop, and monitor access to USB storage devices and cards on Windows computers. This solution, which has an easy-to-use graphical user interface (GUI), streamlines device administration while also ensuring compliance with organizational security requirements.
This tool, created largely as a proof of concept, shows how PowerShell scripting may be used to handle device access controls directly within the Windows environment. It works by altering particular registry settings relating to USB storage and storage card access, resulting in instantaneous modifications that apply to the local machine.
While this script-based technique is appropriate for individual or small-scale deployments, it may not be ideal for larger, domain-joined environments that require centralized administration. In such circumstances, using Group Policy Objects (GPOs) or sophisticated security platforms may provide more scalable and controllable solutions. These solutions allow administrators to implement access policies across several systems at the same time, resulting in more uniformity and ease of policy modifications.
Tip
In contexts where GPOs or other centralized administration tools are not viable or accessible, this script may be expanded to accommodate bigger installations with further programming work. Future versions of this tool may contain capabilities that directly allow such scalability, making it more useful in a variety of IT landscapes.
The tool adjusts system behavior by editing the Windows Registry, specifically targeting keys associated with USB storage (e.g., HKLM\SYSTEM\CurrentControlSet\Services\USBSTOR) and storage card access (e.g., HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\System\AllowStorageCard). Changing the value of these keys enables or disables the respective device types.
Caution
It's important to note that registry modifications carry inherent risks, including potential system instability if done incorrectly. This tool carefully manages these changes to minimize risk, but administrators are encouraged to test any modifications in a controlled environment before widespread deployment.
This tool helps to improve system security by offering a simple and interactive way to control device access, while also supporting both immediate demands and anticipated future expansions in device management strategies.
- Enable/Disable USB Storage: Quickly enable or disable access to USB storage devices.
- Enable/Disable Storage Card: Manage access to storage cards with a simple click.
- Dynamic Status Updates: View real-time status of USB and storage card access directly in the GUI.
- Toast Notifications: Receive immediate status updates upon script startup via toast notifications.
- Event Logging: Actions and errors are logged in the Windows Event Log for auditing and troubleshooting.
- Windows 10 or Windows 11
- PowerShell 5.1 or higher
- Administrative privileges
No installation is required. Download the USBManagementTool.ps1 script and run it on your Windows system.
- Open PowerShell as an administrator.
- Navigate to the directory containing
USBManagementTool.ps1. - Execute the script:
.\USBManagementTool.ps1
- Use the GUI to enable/disable USB storage and storage cards. The current status is displayed and updated dynamically.
The USB Port and Storage Card Management Tool provides comprehensive logging of all user actions and any errors that occur during its operation. These logs are crucial for auditing, compliance, and troubleshooting purposes.
Logs generated by the tool are recorded in the Windows Event Log, specifically within the "Application" log. To view these logs:
- Press
Win + R, typeeventvwr.msc, and press Enter to open the Event Viewer. - Navigate to
Windows Logs>Application. - Look for events sourced from
USBManagementTool.
The tool uses specific Event IDs to categorize different types of actions and errors. Here is a breakdown of these IDs for easy reference:
| Event ID | Description |
|---|---|
| 1000 | USB storage devices enabled by the user. |
| 1001 | USB storage devices disabled by the user. |
| 1002 | Storage Card access enabled by the user. |
| 1003 | Storage Card access disabled by the user. |
| 1004 | General information about script operation (e.g., startup). |
| 1005 | Errors encountered during enabling/disabling USB storage. |
| 1006 | Errors encountered during enabling/disabling Storage Card. |
| 1007 | Dynamic status refresh of USB storage devices. |
| 1008 | Dynamic status refresh of Storage Card access. |
| 1009 | Errors or warnings not covered by other specific Event IDs. |
Note
Analyzing these event logs allows system administrators to keep track of how and when USB storage and Storage Card settings are modified, identify illegal modifications, and address device access issues. Each log entry contains the date and time of the occurrence, the occurrence ID, a description of the action or error, and, if relevant, the username of the person who performed the operation.
Tip
For in-depth analysis or automated monitoring, consider using PowerShell scripts or third-party log management tools to filter and alert on specific Event IDs related to this tool.
1.1: Added toast notifications and dynamic status monitoring.
Claudio Gonçalves - Feedback and suggestions are welcome.
Feel free to customize this README.md file as needed, including updating the contact information, adding a section for known issues or FAQs, or providing more detailed instructions on using the tool.