Device control
Device control is a measure of protection that restricts user access to removable storage devices.
Access rules allow administrators to define access control on removable storage devices for users and groups. Access rules can be defined to limit or block copying, modifying, or saving files to removable storage devices from workstations.
The access rule configurations include following permissions both for the default rule as well custom rules defined later:
Access Permissions | Meaning | Description |
---|---|---|
Allow | Trust & Monitor (Default Permission) | User can read, write, and modify files on the removable storage device. |
Block | Zero Trust | User cannot open, read, or save files to the removable storage device. |
Read only | Limited Trust | User can read files from the device, but cannot save, modify, or copy files to the removable storage device. |
The Device control tab displays the default access rules, options to create, edit, enable, disable or duplicate custom rules, and also set the risk adaptive protection levels.