The usage of USB devices is inevitable in any organization. Data portability perks come as a package with the threat of data theft and malware injection. Hence, blocking the usage of USB devices fortifies the network from incidents of data breach.
Desktop Central offers several configurations to help you safeguard the Mac machines in your network. This document provides you with steps on preventing the usage of unauthenticated storage devices. Additionally, you can also obtain a report on the block/unblock status. You can choose from the following operations based on your requirement:
Download dcblockusb.zip executable.
Note: All USB storage devices will be blocked.
All the external storage devices have been blocked successfully.
Note: To unblock the external storage devices, either the configuration has to be deleted or the the target machine should be removed from the configuration. The changes will take effect after the next reboot of the target computer.
Download dcblockusb.zip. You'll need the contents of this file for both block and unblock operations.
Note: All USB storage devices will be blocked
Steps to block a device:
4. If you want the USB devices to be blocked round the clock, the frequency should be set as 'During Every Startup' while deploying the configuration. While executing this as a startup script, the devices will be blocked from subsequent startup.
All USB storage devices have been blocked successfully.
Steps to Unblock devices:
To unblock the external storage devices, either the configuration has to be deleted or the the target machine should be removed from the configuration. The changes will take effect after the next reboot of the target computer.However, to post data to get a report of unblocked devices, you need to do the following.
The script to post unblock status has been deployed successfully.
Steps to Obtain a USB policy report:
You can generate a report on block/unblock status based on the device type. For this, copy the query text here and go to Reports > Query Reports > New Query Report. Paste the text in the query field and Run the report. This will show you the list of blocked and unblocked devices.