How to Enable Write Protection for USB Drives in Windows

By default, users can insert a USB disk in the system and read from, or write to it without limitation. There is a policy setting that helps system administrators to restrict the ability of users to write to USB storage devices.

Disable writing to USB drives

  1. Launch Regedit.exe and navigate to:

    (If the StorageDevicePolicies key does not exist already, you need to create it.)

  2. Create a new DWORD value named WriteProtect
  3. Double-click WriteProtect and set its data to 1
  4. Exit the Registry Editor.

The above registry edit corresponds to the following Group Policy Removable Disks: Deny write access setting located at the following branch:

Computer Configuration > Administrative Templates > System > Removable Storage Access

With this setting enabled, users will see the error The disk is write-protected. when trying to write to USB disks.

If the above Group Policy setting is enabled, users will see the following message when attempting to write to USB devices.

“You’ll need to provide administrator permission to copy to this folder”

Administrators can implement this setting as part of a security strategy to prevent data theft using USB devices. This setting works fine in Windows XP through Windows 10.

One small request: If you liked this post, please share this?

One "tiny" share from you would seriously help a lot with the growth of this blog. Some great suggestions:
  • Pin it!
  • Share it to your favorite blog + Facebook, Reddit
  • Tweet it!
So thank you so much for your support. It won't take more than 10 seconds of your time. The share buttons are right below. :)

Ramesh Srinivasan is passionate about Microsoft technologies and he has been a consecutive ten-time recipient of the Microsoft Most Valuable Professional award in the Windows Shell/Desktop Experience category, from 2003 to 2012. He loves to troubleshoot and write about Windows. Ramesh founded in 2005.

Leave a Comment