USB Access Rule Removal

This guide will show an administrator how to remove a configured USB access rule that is currently enforced on Intune joined Windows devices.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: TBD

Domain: TBD

Modifies: TBD

USB Access Rule Removal

  1. Navigate to the Attack Surface Reduction – Intune portal, locate and select the Security Essentials Memory and USB Protection policy or an equivalent Device Control policy.
  2. Scroll down to Configuration Settings and select Edit.
  3. The default rules will be displayed. Regardless of which USB rules has been configured, the same Removal process is applied to Allowed or Prevented USB Device Identifier, Instance Identifier, or Setup Class rules. Locate and select the desired USB rule that no longer needs to be influencing USB access handling. Select the Remove button after the entry has been selected (indicated by a blue checkmark). After the Remove action has been carried out, the entry should no longer be present in the list below. Selecting Next to proceed to the review section.
  4. From the Review section, you will be able to select the Settings dropdown to verify that the removed USB access rules are no longer generating. Select Save to finalize the USB access rule removal. Rule changes propagate in less than 24 hours.

Need Assistance?

Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.