Device Control - USB Devices
Is it possible to be able to restrict access to USB's my a unique ID - such as serial number?? Currently you can restrict my model but that doesn't stop an employee bringing in their own USB stick if it is the same make and model we us??
Basically we want to be able to issue USB sticks out to staff and only allow those precise devices to connect. Not any device that happens to be the same model.
@David: Thanks for your post. But we dont use Sophos Central. We´re using the Enterprise Console.
I have seen that the stick appear in the device manager as a USB device and also as a drive. There should be the possibility to include both in the policy, because the InstancePath is different.
David Emms commented
Sophos Central -> Endpoint Protection -> Policies -> Peripheral Control -> Base Policy -> Settings
If you change this to 'Control access by peripheral type and exemptions'
Then, change 'Removable storage - XX detected to 'Block'
Then, click 'Peripheral Exemptions' -> 'Add Exemptions'
Change the drop down box to 'Removable storage'
Tick the device, change Policy to 'Block' and Enforce By to 'Id'
Does this meet your requirements?
restrict / allow acces to USB Devices with VendorID & PID would be very helpful (Device Instance Path or Device ID from USB Device)