This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Read-only access to MTP devices?

Hi,

We are currently implementing Sophos device control on our network, including blocking access to USB storage devices.

Our employees use Android mobiles (Galaxy A3's) which many of them connect to their PC's via USB in order to transfer photos (only from phone to PC, not the other way).

However, looking at the device control policy for MTP/PTP devices, the only options are Blocked, or Full Access. Is there any way to allow just read-only access to these devices?

thanks

Dan



This thread was automatically locked due to age.
  • Hello Dan,

    MTP/PTP is a communication protocol, devices don't appear as storage devices. You can't restrict access to read-only.
    Are you worried that users might transfer potentially sensitive files to their mobiles?

    Christian

  • Hi Christian

    Thanks for the reply, yes I realised after more investigating that this is limitation of the protocol itself rather than Sophos.

    We would prefer that users can only copy files from their phones to their computers, but not in the opposite direction. Even if there was a read-only option, I realise there are various ways to get around this, but we just want to make it as difficult as we can for users to take data out of our network.

    thanks

    Dan

  • Hi Christian,

    My name is Dan Petford and I work with my colleague Dan Wills who posted the original question.

    I have since found out that you can Exempt a device as 'Read-only' which allows you to access the photos on the Mobile Phone, however I can still copy items to the phone.

    Is there any way around this?

    Kind regards, Dan

  • Hello Dan the other,

    that you can Exempt a device as 'Read-only'
    you can't, this is a GUI issue and the setting permits Full Access. According to the article first seen for SEC 5.2.1, no Fix Version in the Known Issues List - don't ask me why.

    As said, it can't be done.

    Christian