To facilitate this, an administrator can see every case of a device that was blocked in the management console’s Activity Log, and directly from there, approve the blocked device if they choose. We realize that administrators need the flexibility to respond “on the go” and approve new USB devices as they appear on (and are blocked by) the system. SentinelOne Device Control allows administrators to easily define policies, but we also recognize that new devices can be introduced to the enterprise every day.
DISABLE USB STORAGE IN SYMANTEC ENDPOINT PROTECTION MANAGER BLUETOOTH
keyboard, mouse, headset) or to allow the operation of devices based on the Bluetooth protocol version they support (to reduce the risk stemming from vulnerabilities in older Bluetooth versions).įlexibility and Control Over Every Device
Most of these reside in older Bluetooth versions and security-conscious enterprises should refrain from allowing users to connect such devices to corporate endpoints (and, subsequently, networks).įor Bluetooth devices, SentinelOne Device Control makes it possible to allow or restrict the use of all Bluetooth devices, Bluetooth devices according to their type (e.g. The Bluetooth protocol has been riddled with vulnerabilities. For example, it is possible to construct a rule that allows specific users to access certain types of USB devices, permits others to use USB removable media to read files only, and blocks all other users from using external USB devices completely. This enables the administrator to set fine-grained policies. For instance, we can control USB devices based on the following attributes: Rule definition starts by selecting the interface type (USB or Bluetooth), then rule type and action. Policy is constructed by a set of Device Control rules. You can set a Device Control policy for the entire enterprise, a specific Site or even a specific Group of devices. To facilitate implementation, we’ve designed this feature to allow maximum granularity and flexibility when defining an enterprise Device Control policy. In designing this feature we took into account requirements like system stability, interoperability and cross-platform support (Windows and macOS).ĭevice Control: Simple Policy Management to Add, Block or Restrict Devices USB drives are also a prime vector for the egress of confidential and business critical data, and the recent shift to “work from home” (or anywhere except the office) only adds to the risk of employees connecting non-company sanctioned peripherals to facilitate this new work environment. In one incident, hospitality victims were sent an envelope containing a fake BestBuy gift card, along with a USB thumb drive containing malware.
Malware borne on removable media has been used for opening backdoors, establishing persistent remote access and delivering further malicious payloads, among other things.Īttackers have been finding creative ways to lure users into plugging alien USB thumb sticks into their corporate devices. A recent report found that cyber threats to operational technology systems through USB removable media devices have almost doubled in the last 12 months, for example. The prevalence of peripherals connected to endpoints in the enterprise has not gone unnoticed by malicious actors. Peripherals connected via USB or Bluetooth are ubiquitous and still a necessary feature of business devices, from laptops to workstations and even IoT smart devices. What Are the Security Risks of USB and other Peripherals? Our updated Device Control feature means IT and SOC teams can ensure business continuity for all end users requiring the use of external devices while limiting the attack surface to the bare minimum. Today, we are excited to announce the latest updates to this feature, which now allows management of USB, Bluetooth and Bluetooth Low Energy devices with the greatest granularity possible. Back in 2018, we announced Device Control to our platform, offering admins and security teams the ability to manage the use of USB and other peripheral devices across the network.
0 kommentar(er)
