TomasDZP 0 Posted February 14, 2022 Share Posted February 14, 2022 Hi, I need to create a policy which will be blocking copying files on mobile devices from our personal laptops. I already created policy where we blocked all usb except these which are allowed and this policy is working correctly but only for USB. Any help please? Thanks Tomas Link to comment Share on other sites More sharing options...
Administrators Marcos 5,277 Posted February 14, 2022 Administrators Share Posted February 14, 2022 How are the phones connected with the PC if not via USB? Link to comment Share on other sites More sharing options...
TomasDZP 0 Posted February 14, 2022 Author Share Posted February 14, 2022 Hi Marcos That`t the problem. They are connected via USB. Link to comment Share on other sites More sharing options...
TomasDZP 0 Posted February 14, 2022 Author Share Posted February 14, 2022 Marcus I´m trying to use policy type "Portable device" see attachment. Am I doing something wrong? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,277 Posted February 14, 2022 Administrators Share Posted February 14, 2022 If you open Device manager in Windows, does the phone appear in the Portable devices section? Link to comment Share on other sites More sharing options...
TomasDZP 0 Posted February 15, 2022 Author Share Posted February 15, 2022 Hi Marcos, Yes phone appears in Portable Devices section. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,277 Posted February 15, 2022 Administrators Share Posted February 15, 2022 I'm not sure if I understand it correctly, you've created a permissive rule for portable devices and at the same time you want to block them? If you change the policy from "allow" to "block", are they blocked? Link to comment Share on other sites More sharing options...
TomasDZP 0 Posted February 15, 2022 Author Share Posted February 15, 2022 Mi Marcos, I want to create a policy which will block copying data from laptops on mobiles or other way via USB. Basically if I connect android phone and allow on that phone "data transfer" I am able to copy any data from my laptop on mobile, using Total Commander for example. My idea is to block this operation. I want to create same policy what we have on USB keys, where every USB keys are blocked except these which we allowed (we have device groups with allowed USB keys) If you change the policy from "allow" to "block", are they blocked? - they are not blocked T Link to comment Share on other sites More sharing options...
TomasDZP 0 Posted February 15, 2022 Author Share Posted February 15, 2022 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,277 Posted February 15, 2022 Administrators Share Posted February 15, 2022 Could you please connect a phone which is not blocked via the rule to Endpoint, click the Populate button in the Device Control rule editor and check if the detected information match those specified for "dovera" device group including possible leading or trailing spaces? Did you manually enter the vendor, model and serial number or you used the Populate button to get this info? If you remove "vendor" from "dovera" device group, does the rule work then? Link to comment Share on other sites More sharing options...
TomasDZP 0 Posted February 15, 2022 Author Share Posted February 15, 2022 Actually the group "dovera" contains USB keys informations. I thought the policy how is created allows only devices which are in the "dovera" device group, so imho I thought that everything should be blocked except these which are in "dovera" group. Am I wrong? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,277 Posted February 15, 2022 Administrators Share Posted February 15, 2022 You should create another blocking rule for all portable devices and put it below the permissive rule in the list. Link to comment Share on other sites More sharing options...
Recommended Posts