Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Block Confidential Data to Mobile Device (Android,BlackBerry,IPhone)

Created: 07 Nov 2012 • Updated: 07 Nov 2012 | 4 comments
Andhika Krisna's picture

Dear All,

I have installed Symantec Data Loss Prevention 11.5 On our Corporate network. I have create a policy (DCM) that can't copy confidential document to non-register USB.

When i try to copy our confidential data to Mobile Device like Android tablet,Iphone Tablet and BlackBerry Phone, Our confidential data succsess to copy but when i try to copy our confidential data to non-register USB it's being Blocked.

I try to use RegexID.exe to find regex id from my mobile device but i can't to find it.

Can any one explain to me for the solution block copy confidential data into Mobile Device (MTP Transfer)? 

Thanks For all your support

Comments 4 CommentsJump to latest comment

Andhika Krisna's picture

I found that MTP used WudfHost.exe for Protocol in Windows. I think we can  registered in the Application Monitoring and add WudfHost.exe to monitor.

cause i don't have any Lab, can someone try this for me ?

Lucas Veiga's picture

Hi, i`m still trying to block. As soon I have anything I `ll post here.

There are many services and process running to enable MTP protocol not just WudfHost.exe

If you run procmon will be detected the follow process:

WPDShextAutoplay.exe
DeviceDisplayObjectProvider.exe
 
Until now all of tests are not positive.
kishorilal1986's picture

Hi Andhika,

Try to block by Class ID of those devices and try to identify associated MTP services to block by Application monitoring block . If possible try to block it by SEP client 12.1 and block the USB ports.

Andhika Krisna's picture

@ K S Sharma

We use DLP because it can block by content. So my customer don't want to use endpoint from SEP. 

Thanks for your support bro :)