ADC Mass Storage Dilemma's
We currently run a ADC (specifically Application Control) policy to stop read and write to USB Mass Storage as filtered Device ID USBSTOR*. I have found that with more and more users using smart phones or phones that have a storage device to store data and have moved away from using the traditional Thumb drive type devices. This is a problem when you are using SEP to control mass storage as the mobile devices are detected by the OS as different devise ID's. These devices are not always detected as USBSTOR devices in device manager this makes SEP's ADC policy redundant. Some are detected as portable devices with unique device ID's.
Not wanting to invest time and money in creating rules for all differing variants on Mobile device I was wondering if anyone else has come across this and what your experiences are with mobile device storage? Have you moved away from SEP for this Device control, are you using multiple tools to control Mass Storage devices (e.g. Windows Group Policy, DLP agents and SEP...)?
Our goal is to stop malicious data theft and accidental data lose.