We are deploying EEFF 4.2 to only encrypt USB devices. I realize that DLP has more capabilities for handling various devices. However, I would like to know how far I can get with EEFF\EERM alone. Are there any resources for exempting phones, tablets, ereaders, etc by manufacturer, for example Apple? I have EEFF deployed and the EPO logs show 700 devices so far. I can get a list of current devices from an EPO query, example below.
Since others have already deployed I was just wondering what resources were available to help with this. Otherwise I guess I am just monitoring, gathering devices and exempting.
This has been pushed up in the queue by Management so I under the gun to get it moving.
"Device exemption” feature is based on the DeviceID (Device Instance Path), and devices are exempted based on a substring match.You can configure any search patterns or device IDs.
For instance if the Device ID was identified as USBSTOR\DISK&VEN_KINGSTON&PROD_DATATRAVELER_G3&REV_1.00\001CC0EC321DFBC0B7172686&0,any of the below strings will exempt the device from being encrypted
For more information, refer to the articles below :
How to exempt devices by Vendor : https://kc.mcafee.com/corporate/index?page=content&id=KB69770
How to exempt by Device IDs : https://kc.mcafee.com/corporate/index?page=content&id=KB75531
Hope this helps