I have came across some unique requirements, see if you can suggest way in ePO for DLP and FRP.
USB only allowed Write if system has DLP and FRP installed. If only DLP installed then it will grant Read only access.
For this I thought to generate report of systems with DLP installed with specific User which is member of AD group - USB Enfrce
And then check if FRP Installed (on these systems) or not - if installed then assign specific DLP policy to Allow Read/Write and if not installed then assign policy to make it Read ONly access to USB.
I know it's bit complicated but as security admin we should have this kind of prevention to fill the security gaps ....
Any thoughts ??