When it comes to internet security, the words of late German folklorist Walter Anderson come to mind:

We're never so vulnerable than when we trust someone - but paradoxically, if we cannot trust, neither can we find love or joy.

Likewise the words of the Greek philosopher and scientist Socrates are pertinent:

True wisdom comes to each of us when we realize how little we understand about life, ourselves, and the world around us.

To truly secure yourself on the internet you must first remember that their is no almighty, unbreakable secured system.  But you must also do what you can to defend your system against obvious attacks.

One of the best ways you can accomplish that goal is to employ device whitelisting technology.  By carefully administering your device whitelists, you can prevent unwanted external hardware -- USB drives, foreign disc media, or external hard drives -- from being connected to your system.

For knowledgeable users with a bit of time on their hands, this technology is available directly within Windows 7 or Windows Server 2008 R2.  Microsoft offers a useful tutorial here on its TechNet site.

For time-strapped users who might find it impractical to micromanage Windows profiles on single or groups of machines, security and business software vendors are increasingly offering whitelisting capabilities as part of their services package.

If you're not sure about whether or not this is a worthwhile endeavor for your business, consider this:

If it were not for a handful of burned CDs, the U.S. Army would never have allowed hundreds of thousands of classified SIPRNET documents to be illegally obtained a disgruntled private, Spc. Bradley Manning.  With proper precautions against unwanted media, the worst data leak in modern U.S. history could have been prevented. 

It's no wonder that the U.S. military is banning USB devices from its SIPRNET stations.  But a compelling question is -- why doesn't the military just use a whitelist to disallow anything but absolutely trusted devices?

If the idea hasn't been implemented it surely should.

And as for the business users of the world, you should be considering adopting strict device white lists too.  After all the web is hardly a warm and safe place.  It is filled by people who might try to steal your information for fun and profit, should they get the proper opportunity and motivations. 

Allowing uncontrolled hardware access, particularly of thumb drives, is essentially inviting any hacker, disgruntled employee, or would-be engineer to steal whatever secrets they can get at from a workstation.  Furthermore, it opens the door to them installing malicious programs, which can lead to far worse problems.

You can't operate digitally without trusting someone, but you have to be careful about who you trust.  That's the idea behind device whitelisting.

Editor's Note- This article is intended as a general discussion of an important IT/security topic, and by no means is meant as a comprehensive technical analysis of the state of whitelisting.  Feel free to chime in with your thoughts, analysis, or suggestions.