I would like to have policies that apply to all computers, but allow them to be overridden when certain users log in.
For example, I would like a policy applying to all computers that blocks usb drives. However, if our one of our directors wants to log in and use a thumb drive I don't want the blocks to affect them. Is it possible to set policies for specific users that override the policies set on computers?
I've searched and read a bit on this, and it doesn't sound like SEP can do what I want, but I'm not sure. It doesn't quite make sense to me based on what I've read.
Mainly, it just seems a lot easier to manage most things per computer, but a few select users need escalated rights no matter which computer they use. Do we have to switch the entire SEP configuration to user mode in order to accomplish this?