cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

How to allow phone and block everything else?

Jump to solution

Playing around with McAfee DLP 11 and had a question. Is there an -EASY- way to allow somebody to use their phone as storage but block USB/optical drives/SD cards/etc?

I tried having just a few rules and in my rule that blocks Apple devices and Smart Phones, I added the AD group I'm in as an exception but quickly discovered that DLP enforces the toughest rule across the board ignoring my exception. (My other rules block SD cards, USB drives, etc.)

I called into McAfee support and they suggested breaking out my rules individually and add my AD group as an exception to whatever I needed. That was KIND of working except on some older Android phones, it sees the internal memory as a CDROM drive (I know, weird).... and on another Android phone, it saw internal memory as an SD card. So I added my AD group in the exception box on THOSE policies and then it was blocking on the 'Windows portable drive' rule..... which I added my AD group to THAT exception box then it started blocking on the generic 'removable storage' rule. Added an exception there and THEN all my test Android phones worked but..... because of me needing to add so many exception to so many rules, I could now use USB drives and the internal SD card slot of my laptop but the goal is to allow the phone as storage and block all other devices.

Is there an easy way to do this? I don't want to create whitelist exceptions because we can't control which phones people use so whitelisting would be a neverending struggle. I think it's coming down to this..... we'll have a 'block all' policy for everyone in the company and in the 3 rules I have set up, I'll add the groups that people belong to that will need to use their phones as storage and this will also allow them the ability to use all external storage. To boil that down....... Group 1: Block everything. Group 2: Use whatever.

Or am I missing something?!

1 Solution

Accepted Solutions
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: How to allow phone and block everything else?

Jump to solution

@gene0915 The Group 1: Block everything and Group 2: Use whatever is a simple method and best practice as well.

The systems can be moved between the groups on demand to block / allow.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

JaganA
McAfee Employee

Was my reply helpful?
If yes, click "Accept as Solution" in my reply and together we can help other members?

View solution in original post

1 Reply
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: How to allow phone and block everything else?

Jump to solution

@gene0915 The Group 1: Block everything and Group 2: Use whatever is a simple method and best practice as well.

The systems can be moved between the groups on demand to block / allow.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

JaganA
McAfee Employee

Was my reply helpful?
If yes, click "Accept as Solution" in my reply and together we can help other members?

View solution in original post

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community