截屏视频帮助

ADC Mass Storage Dilemma's

创建时间: 19 10 月 2012 | 6 条评论

We currently run a ADC (specifically Application Control) policy to stop read and write to USB Mass Storage as filtered Device ID USBSTOR*. I have found that with more and more users using smart phones or phones that have a storage device to store data and have moved away from using the traditional Thumb drive type devices. This is a problem when you are using SEP to control mass storage as the mobile devices are detected by the OS as different devise ID's. These devices are not always detected as USBSTOR devices in device manager this makes SEP's ADC policy redundant. Some are detected as portable devices with unique device ID's. 

Not wanting to invest time and money in creating rules for all differing variants on Mobile device I was wondering if anyone else has come across this and what your experiences are with mobile device storage? Have you moved away from SEP for this Device control, are you using multiple tools to control Mass Storage devices (e.g. Windows Group Policy, DLP agents and SEP...)? 

Our goal is to stop malicious data theft and accidental data lose. 

Thanks

讨论 归类至以下社区:

评论 条评论跳转至最新评论

consoleadmin 的图片

Hi,

I am using the below USB class id to disable all type of the USB Storage included Mobile

USB Class: {36fc9e60-c465-11cf-8056-444553540000}

https://www-secure.symantec.com/connect/forums/adc-policy

Thanks.

Chetan Savade 的图片

Hi,

Refer this thread

https://www-secure.symantec.com/connect/forums/per...

Chetan Savade
Sr.Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

Jamit 的图片

Hi All, thanks for your responces they have been a great help. I am developing and testing some new rules now. 

Ian_C. 的图片

I'll have to bookmark these links.

Please mark the post that best solves your problem as the answer to this thread.
Simpson Homer 的图片

In reference to Mobile Device Security, what security can be planned with respect to personal mobile phones used by employees in software development environment?

A mandatory security policy in the company that requires all employees to check their cell phones in at the front desk when in the building is one possible measure.  This is not popular but then again there is always a trade-off between convenience and security.  I know of companies that have put such a policy in place effectively. 

If you are concerned that employees could copy proprietary information (source code, etc) onto the storage that is within their mobile phones, you could create a Application and Device Control (ADC) rule in Symantec Endpoint Protection to block them.

Smart phones and Application and Device Control in Symantec Endpoint Protection 11.0(http://www.symantec.com/docs/TECH147791

Please do elaborate on other concerns!  Mobile Device security is an area where I have a bit of experience.