Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 9030 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

USB device control - Logging files written to exempt devices?

Jonny Quest

We have a new policy that requires us to disable usb devices (flash drives, hard drives, etc), But also in the policy is an exemption for persons who need to use a flash drive for business purposes, such as transferring files to an auditor, but the policy requires IT to log any files written to the exempted device as an audit trail.

Is this possible using Sophos?



This thread was automatically locked due to age.
Parents
  • 0

    Hello Jonny Quest,

    first of all, SESC (on premise SEC managed) or Central? The former manages computers only, so you can't make exemptions for persons (users), at least not directly.
    Also Device Control is for general control of device availability only, i.e. if a device is detected it is treated according to the policy - whether an actual transfer is attempted or not doesn't matter. For example if USB devices are to be blocked the device will be disabled (and an event generated) upon insertion, not when a transfer attempt is made.
    Furthermore, reads can't be monitored at all, you could monitor/control writes but only with Data Control/DLP.

    Christian

  • 0 in reply to QC

    I take that as a no, so I guess we will have to stay with Symantec for now.

    Thanks for the reply.

Reply Children
No Data
Unfiltered HTML