External threats to your company's data get a lot of attention these days. But the internal threats can be just as dangerous.Big companies routinely deal with "insider" data-loss risks. But SMBs may not pay the same attention to this issue -- after all, you know your employees and you trust them, right?

Yet the fact is, people sometimes do stuff they shouldn't. And they may not even know they're doing anything wrong.

That's especially true when it comes to using portable storage devices like USB dongles or recordable DVDs. Maybe an employee wants to make an extra copy of some data just in case. Maybe they want to work on something at home or on their laptop.

And maybe they don't realize that if that data gets lost, misplaced, or stolen, it could cost your business a ton of money.

That's why securing portable storage should be a high priority for your SMB. Larger companies invest in software solutions that can disable USB ports and CD burners remotely, ensuring that employees can't transfer data without permission. They can also make use of tools like the Windows Group Policy Editor to disable remote storage device support.

Don't Miss: NEW! Storage How-To Center

For many SMBs, these solutions are too expensive, too hard to manage, or sometimes both. But there's another way that is far more practical: Using the Windows Registry Editor.

Over the SmallBusinessComputing.com, contributor Ronald V. Pacchiano has a great guide to using the Registry Editor for just this purpose. Even if you don't have an IT staff to handle the job for you, his instructions are simple enough that most users can follow them.

Is this a foolproof method? Not really -- if an employee really wants to work around your restrictions, they can undo the process, especially if they have administrator access to a PC. But it's certainly better than doing nothing, and it sends a clear message to employees about what activities are -- and are not -- OK with you.

Of course, there's another way to get the job done. Some companies have been known to super-glue the USB ports on their systems to make them inaccessible. It's effective, but it's also permanent. (And you shouldn't plan on using a USB mouse or keyboard on these systems, either!)

But good security is always a bit of a trade-off, isn't it?