USB Access Policy Creation

This guide will provide background information on creating a new device control attack surface reduction rule that revolves around USB access within your organization.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: TBD

Domain: TBD

Modifies: TBD

Creating a Device USB Access Policy

  1. Navigate to the Attack Surface Reduction – Intune portal, then locate and select Create Policy. A pop-out will be generated where you will specify the Operating System Platform scope as Windows and the Profile Type as Device Control. Select Create to proceed.
  2. Supply basic identification information such as the Name and Description for the policy. Select Next to proceed.
  3. All the security-related configuration items for the Device Control profile type will be listed. We will be focusing on settings related to removable storage devices. USB access handling is a very restrictive control to implement, and the increased management overhead of creating exceptions to policy enforcement should be taken into consideration. USB access restrictions should only be deployed once technical decision makers have thoroughly considered the workload that comes with this security implementation. Select Next to continue.
  4. Scope tags can be utilized if desired; they are mainly leveraged with RBAC. For this example we will bypass specifying a scope tag. Select Next to continue.
  5. You will be able to configure Group Assignments or Exclusions for the policy. This section outlines the selected groups that will be in scope to have the profile deployed. Select Next to proceed to the review page.
  6. The review page will allow you to see all configured settings for the Device Control creation process. If you detect a discrepancy at this stage, make note of the section and select Back to return to the previous sections and make the necessary alterations before finalization. If everything checks out, select Save to publish the device control rule.
  7. Upon successful creation, the rule will show up in the list of all attack surface reduction policies managed through Intune.
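
The check in step 7 can also be done from PowerShell. The script below is an added example, not part of the original guide: it lists attack surface reduction policies through Microsoft Graph, finds the new one by name, and warns if no group assignment from step 5 is attached. It assumes the Microsoft.Graph.Authentication module is installed, that the profile is stored in the settings catalog format (the beta configurationPolicies endpoint), and that $PolicyName is a placeholder for the Name you entered in step 2.

```powershell
# Added example (not from the original guide): confirm a Device Control policy
# exists in Intune and that it is assigned to at least one group.
# Assumption: $PolicyName is a placeholder for the Name supplied in step 2.
param([string]$PolicyName = 'USB Access Policy (placeholder)')

# Read-only scope is sufficient for this audit.
Connect-MgGraph -Scopes 'DeviceManagementConfiguration.Read.All'

# Follow @odata.nextLink so large tenants are read completely.
function Get-GraphPage {
    param([string]$Uri)
    $items = @()
    while ($Uri) {
        $resp  = Invoke-MgGraphRequest -Method GET -Uri $Uri
        $items += $resp.value
        $Uri   = $resp.'@odata.nextLink'
    }
    return $items
}

$base = 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies'

# Keep only policies that belong to the attack surface reduction template family.
$asrPolicies = Get-GraphPage -Uri $base | Where-Object {
    $_.templateReference.templateFamily -eq 'endpointSecurityAttackSurfaceReduction'
}

$matched = @($asrPolicies | Where-Object { $_.name -eq $PolicyName })
if ($matched.Count -eq 0) {
    Write-Warning "No attack surface reduction policy named '$PolicyName' was found."
    return
}

foreach ($policy in $matched) {
    $assignments = @(Get-GraphPage -Uri "$base/$($policy.id)/assignments")
    if ($assignments.Count -eq 0) {
        # A saved policy with no assignment is not deployed to any device.
        Write-Warning "'$($policy.name)' exists but has no group assignments."
        continue
    }
    foreach ($a in $assignments) {
        [pscustomobject]@{
            Policy     = $policy.name
            # exclusionGroupAssignmentTarget marks an excluded group.
            TargetType = $a.target.'@odata.type' -replace '^#microsoft\.graph\.', ''
            GroupId    = $a.target.groupId
        }
    }
}
```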

Need Assistance?

Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.