Hope you're all keeping safe. Just wondering what everyone is doing regarding blocking peripherals if nobody is in the office on designated machines? For example, we have designated desktops at offices where staff can plug in an external USB drive from a client, this is normally blocked on all machines. But now we are all working from home so is anybody in the same position as us? Any ideas on restricting USBs but also allowing them? All I can think is ad-hoc policy changes to allow the USB when a user requests and then revert the policy to block like an hourt later?
Currently, as office use, you have blocked the USB ports on the desktops. Now users are working from home, so you want to enable the USB on the desktops. Am I correct?
If yes, I'd like to understand the reason behind allowing the USB ports for the few hours.
Jasmin Community Support Engineer | Sophos Support Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts | If a post solves your question use the 'This helped me' link
Well we will still be receiving client data on USB drives. Some of our clients do not have internet access so send us their accounts via USB drives.
In that case, if you have defined USB drives which you are going to use to feed the data to desktops, then you can make exemptions for those devices and those USB drives can be accessed anytime. Please refer to this document for the peripheral policy.