My wife's employer, which runs a large (several thousand machines) 24/7 network of PCs running XP Pro, recently implemented a network-wide disabling of USB ports on all the client workstations. Most of the workstations are Compaq dc 7600 machines. This was done supposedly to try and eliminate introduction and re-introduction of malware that is allegedly being traced to a mixture of company-owned or personally-owned thumb drives as the source. The theory is: disable the use of ALL thumb drives, scan and clean the virus du jour off the entire network and the thumb drive prohibition will ensure no re-infection. While this is a well-intentioned move on the part of management, it imposes severe work (and convenience) limitation on users and is rapidly moving beyond tolerability.

I told my wife I would try and figure out if there is some way to implement a bypass on her machine only that would not be detectable by administrators. She is not worried about "being caught" with add-on cables or similar attached to her machine. Is there some sort of peripheral add-on device that could be plugged into some other unused port (serial, parallel, whatever) that could be used to connect a thumb drive? Or some other workaround?

Complicating this is the fact that the administrators have always maintained a tight lock on users. Users have VERY little capability/privilege to modify their own workstations. She can't add or remove any software, for example.

It is not clear how the disabling was done, but based on the number of machines whose USB function was disabled in under 24 hours, it appears to have been something done via remote logins or the same process by which admins apply patches, etc. Using Device Manager on her machine, all the entries in the USB section (hub, controllers, ports) all claim that each device is working properly. When a thumb drive is inserted into an unused USB port, there is a couple of "donk" tones and the drive is not recognized or seen. To further muddy the waters, she has a laser printer plugged into one of her USB ports as a local machine (LPT1) that still functions completely normally, as does the BlackBerry cable plugged into another USB port.

Thus, its not clear if it was a USB function that was disabled or the admin people figured out how to disable (refuse to recognize?) thumb drives specifically, or something else.

This is an over-reaction by the employers and needlessly making life hard for employees. She doesn't want to damage any equipment, cause any harm, etc - she just wants to be able to use a thumb drive when necessary, just like all the employees could freely do for the last many years, largely without restriction.

Any suggestions?

Here's the problem; if you need to ask, then you don't know enough to do it with any assurance of avoiding detection. You can't even provide any meaningful information about the method being used to prevent the use of USB drives. Without knowing exactly what the IT department has implemented here, we could only speculate in a manner that is tantamount to playing Russian roulette with your wife's job.