today I received one alert which users have copied the data from PC to a USB stick and we did not get the event into the DLP incident manager which is weird but we got catches into Symantec DLP so there is a gap between DLP-endpoint policy which we did not trigger about the block. you can check below the device instance and it looks SDHC card so I want to block this through ePO without harm any other devices related to PCISTOR . do you have any idea - how we can restrict this.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.