How do you safely manage file transfers when clients come in with USB drives? Currently, we scan these drives with antivirus software directly on the endpoint, which seems risky. I'm considering setting up a dedicated quarantine box—maybe a Linux machine that mounts drives as read-only, scans them with ClamAV, and then only allows clean files to be copied to a different location for staff access. However, I'd prefer not to build this from scratch if a ready-made solution exists. I'm familiar with CIRCLean, but it seems to be outdated. Any other recommendations for a system that maintains file integrity and is easy to manage?
2 Answers
You could definitely use a Raspberry Pi tucked away with a monitor that has a USB port. Set up an icon on the desktop to run a script that scans the USB drive, gives feedback on the scan, and transfers only approved files to a shared location. While it might feel a bit manual, it could streamline the process for clients. Just a heads-up though, for larger files, email won't work, so it might be best to stick with the USB option!
I actually created something similar recently. I set up a Debian box on the guest network to scan USB drives with ClamAV, and once the scan is complete, the files automatically upload to a SharePoint library. They get scanned by Microsoft again before users can download them on their work machines. This keeps things organized and secure!
That makes sense! Sometimes clients do bring in large videos that wouldn’t work for email. Thanks for the insight.