Within DLP 10 I have configured a Removable Storage Device rule. The Condition applies to all Removable storage devices and is applicable to all users. Under Exceptions I have configured a Device definition to enable a specific type of USB drive to be writable. I have noticed that we are able to define users who are excluded from the device rule. However, it has been requested that the exclusion is applicable to Users who are a member of a particular group AND have the approved USB media. From what I can see this can only be set as an OR. Is this correct or am I able to meet our requirements?
Thanks in advance.
Many thanks for coming back and for pointing out the Excluded Serial Number & User pairs exception.
This slightly differs from our original requirements however this approach is actually far more secure. From what I understand this pairs a fully qualified user name with the serial number of a particular device. Our original intention was to pair members of an AD group with the ability to write to a configured device definition. From what I can gather this is not possible. Am I correct?
If this is the case, I intend to propose SN & User pairs. I assume you are able to pair a SN with multiple users?
Thanks in advance,