never tried blocking this through DLP, but it probably can be disabled in the BIOS. Depending on how many PC's you have out there it may take a while if its in the hundred's.
Some trouble shooting steps:
- Go to "Agent Configuration" -> "Miscellaneous"and verify that "Device Blocking" is checked.
- Are you able to block any other devices or is it just this that is not being blocked?
- Is this rule being applied using AD group membership? try assigning the rule to a single user.
how you blocking the devices based on user or based on system if you blocking based on system check whether the rule is applied or not,
if you are blocking based on user check whether user is included or excluded.
First this will be no easy tasks. The cheapest solution is to hire a person to UNPLUG the USB Card reader cable (Clean inside ;-) OR if you are in a BANK UNPLUG and CUT it so employee don't self attach again inside PC.
We did this under DLP 9.3 with HP MEDIACARD22in1 etc. in DESKTOP and it was horror.
The only working solution was to:
* Install a software like devmgr where you see all componentens from USB and hubs
* Then "No Joke" 1) Put a MEDIA (SD-card) into the SLOT 2) On the mainboard itself UNPLUG and then PLUG the Media card reader USB-cable. (Physical open box)
* ONLY then you the right events and DeviceID's
Try anything else > You think it's working but fail....
We spent almost 1 month on debug on this because a larger customer who promised to disable the Media card Readers physical did NOT. Worst case they have Bitlocker/TPM so we
now can't JUST unpluf the cable wihtout changing bitlocker configs.
You may have to solve this with Laptop Card Readers but there the effort will be ok.
a Mcafee TIE fan
I did a presentation on DLP configuration a while ago and just posted it.
Maybe you will have some tips there...I know the Ricoh SD card reader POSTS frequently giving a large number of false-positives.
Also..some SD card readers are wired into the internal USB Hub...so they mount as USB....
then there are cameras
We used Compatible ID's to get them.