Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
- On-Demand Reports
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Two-way SSL configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud App Discovery
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload Reports
Setting up Cloud Protection
Dashboard
Reports
Control Policies
Storage Configuration
Administrative settings
- Technician configuration
- Notification filters
- Manage agent
- Agent settings
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
Email configuration
General settings
- Connection
- Personalize
- DataSecurity Plus Server
- Privacy Settings
- Disk utilization
- Schedule Retention Policy
Policy Configuration
Release notes
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
- HTTP communication failure
- Dormant DataEngine
- Secure Gateway server failure
- RPC communication failure
- Known issues and limitations
- Known errors and solutions
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
- How to secure your DataSecurity Plus installation
Configuring external device control policies
The external device control policies offered by DataSecurity Plus restrict read, write, or execute actions on USBs—either individually or altogether—to stop sensitive data from leaving the organization and to prevent the infiltration of malware. These policies can also prevent file transfers by blocking peripheral devices operating on Bluetooth, Wi-Fi, and CD or DVD drives.
Follow the steps below to create new external device control policies:
- Select the Endpoint DLP module from the drop-down menu at the top.
- Go to Configuration > Prevention Policies > External Device Control.
- Click + Add New Profile in the top-right corner.
- Provide a suitable profile name and description.
- Select the actions that you wish to restrict from the checklist provided.
- Select Allow or Block for the required peripheral devices.
- Click Save.
- Enforce the external device control policy on endpoints by linking it to the corresponding DLP policy.
Notes:
- You can add devices to the blocklist by adding them on the Blocked Devices tab of the External Device Control page.
- Devices on the blocklist will be restricted from use only if the Block All Blocklisted Devices action is chosen in the external device control policy.
Follow the steps below to add devices to the blocklist:
- Select the Endpoint DLP module from the drop-down menu at the top.
- Go to Configuration > Prevention Policies > External Device Control.
- On the Blocked Devices tab, click + Add USB Devices.
- Enter the Device Instance Path of the required device and click Add.
Notes: To find the device instance path:
- Go to the Start menu and search for Device Manager.
- Double-click Disk drives.
- Right-click the required connected USB device and select Properties.
- In the window that appears, go to the Details tab.
- From the Property drop-down menu, select Device instance path. The device instance path is now displayed.
Mapping external device control policies to endpoints
To enforce external device control policies on endpoints, created policies have to be mapped to the DLP policy linked to the targeted endpoints.
Follow the steps below to map external device control policies to endpoints:
- Select the Endpoint DLP module from the drop-down menu at the top.
- Go to Configuration > DLP Policies.
- Select the DLP policy that is linked to the endpoints to which you wish to apply the external device control policy.
- Under Prevention Policies, click External Device Control.
- Select the external device control policy you wish to enforce on endpoints.
- Click Save to update the external device control policy.