登录查看更多内容

Restrict USB storage with Intune

Gregory Hall

Lead Consultant ? Microsoft Security and Compliance

发布日期: 2023年1月29日

Been tasked with a proof of concept for Intune to restrict USB drives but allow company issued ones. This is the writeup on how I solved this use case.

Create an Intune Device Configuration profile according to ths following Microsoft documentation.

https://learn.microsoft.com/en-us/mem/intune/configuration/administrative-templates-restrict-usb

So the trick is to use a combination of the Allow Installation of devices that match any of these device instance IDs, Allow Installation of devices using drivers that match these device setup classes GUIDs, Apply layered order of evaluation, and Prevent installation of devices that match any of these device IDs and set it to GENDisk

Brian Fulmer

IT Manager at American, Inc.

1 年

Perfect project for CMMC 2.0 Level 2 compliance, or DFARS 7012 / NIST 800-171. Is your client part of the DIB? #cmmc2 #nist800171

Gregory Hall

Lead Consultant ? Microsoft Security and Compliance

1 年

I will add to this when I have more time.

查看更多评论

要查看或添加评论，请登录

查看全部

Restrict USB storage with Intune

Gregory Hall

Lead Consultant ? Microsoft Security and Compliance

更多精彩文章

社区洞察

其他会员也浏览了

Cisco CUCM - moving Line1 to another position on an IP phone

NO_Serial devices in Intune

A miniature display module features a full color 0.9” TFT LCD powered by WiFi SOC which offers an array of functionality and options for any users

Desktop Analytics - the new black

Post-CrowdStrike Recovery: Rotating BitLocker Keys in MECM BitLocker Management scenario

Debugging USB Type-C Driver # 1

Keep your test computers running (Intune blog)

SWAP, drop & Roll: A live look at Memory Management!

Windows Servicing simplified

Federal Reinsurance Reserve

2024年8月19日

?? Enhanced Security with Microsoft Entra ID and Defender for Cloud Apps ??

2024年7月24日

Base64: Encapsulation Technique Over Obfuscation Method

2024年6月27日

Deception Tech: How MDE Helps You Respond to LLMNR and NetBIOS Attacks

2024年6月26日

Detailed Steps to Create and Train a Classifier

2024年6月20日

CISO Weekly Blog: Utilizing the Fishbone Diagram Technique for Effective Incident Response

2024年6月19日

CISO Weekly Blog: The Year of Compliance Continued

2024年6月13日

Porting Hack The Box PWNBOX Parrot OS Edition to WSL

2024年6月9日

CISO Weekly: Governance and Compliance with Microsoft Purview

2024年6月5日

Securing Domain Controllers: Using MDE Live Response or CrowdStrike to Inject a New Domain Admin into Active Directory

2024年6月3日

社区洞察

其他会员也浏览了

Cisco CUCM - moving Line1 to another position on an IP phone

NO_Serial devices in Intune

A miniature display module features a full color 0.9” TFT LCD powered by WiFi SOC which offers an array of functionality and options for any users

Desktop Analytics - the new black

Post-CrowdStrike Recovery: Rotating BitLocker Keys in MECM BitLocker Management scenario

Debugging USB Type-C Driver # 1

Keep your test computers running (Intune blog)

SWAP, drop & Roll: A live look at Memory Management!

Windows Servicing simplified