Login  
Hello there!

Need Help? We are right here!
miniorange Support~
miniOrange Email Support
success

Thanks for your Enquiry.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×
  • Home
  • DLP
  • Guide for Configuring USB Policy

Configure USB Policy using miniOrange DLP solution

In today's digital landscape, securing sensitive data is crucial. One of the key security measures is preventing unauthorized USB access to protect against data breaches. This guide provides a step-by-step walkthrough on configuring USB policies in your Data Loss Prevention (DLP) solution. You’ll learn how to set up USB blocking, notifications, logging, and whitelisting to ensure only approved devices can connect. By following this guide, you can enhance security and gain full control over USB device usage within your organization.

Prerequisites

    There are a couple of things you need to check before you start with the setup:

  • You need Administrator access for your DLP dashboard.
  • You will need the VID and PID of the USB devices.

Step 1: Steps to configure USB Policy

  • Sign in to your DLP Admin dashboard.

    • miniOrange DLP Admin dashboard login for USB policy configuration and data breach prevention

  • From the dashboard, navigate to Windows Tab → USB Storage → Policy tab.

    • miniOrange DLP USB Storage Policy tab to add and configure USB blocking policy

  • Under the Policy tab click on Add Policy button and provide required information for creating the USB policy.

    • miniOrange DLP Add Policy button for creating new USB storage policy with block notify or log actions

  • After accessing the policy form, enter the following details:

    • miniOrange DLP USB policy form with policy name actions risk and whitelist USB selection

  • Policy Name: Identifier for administrators.
  • Actions: This option will allow you to choose what type action should be triggered when a USB device is connected.
    • Block: This action blocks all USB devices except those on the whitelist. Users will receive a notification stating, "USBs are not allowed." A report will be generated for the blocked device, including the USB device ID that was connected.
    • Notify: This action does not block USB devices. Instead, it provides a notification when users attempt to write to or update a file on the USB device. A report will be generated detailing the file path that was accessed on the USB device, and users will receive a notification about it.
    • Log: This action generates a report that includes the file path written to the USB device. No notifications will be received.
  • Risk: You can assign a Risk level to the policies. Policies marked as high-risk breaches will be displayed on the Dashboard.
  • Select USB for whiteList: Choose USB devices from the Whitelisted section. See USB Storage Device for steps to add a USB to the whitelist.

    • Note: This policy will not apply to whitelisted USBs.

  • Create Alert for this Policy: Once this toggle is enabled, you can specify the email addresses to which you want to notify policy breaches.

    • Note: You can enter multiple email addresses by pressing the Enter key after each one.


    miniOrange DLP Create Alert for USB policy breach with recipient email addresses

  • Once you have filled all the required policy details, then you can select the specific Device Group to which you want to apply the policy.
  • Finally, click on Add button to save the policy.

Step 2: Steps to USB Storage Device

  • From the dashboard, navigate to Windows Tab → USB Storage → USB Inventory tab.

    • miniOrange DLP USB Inventory tab to add whitelisted USB storage devices

  • Now click on Add USB Storage Device to create a Whitelisted USB device, you will also need the Product ID and Vendor ID of your USB device.

    • miniOrange DLP Add USB Storage Device form with Product ID and Vendor ID for whitelisting

  • To get the PID and VID of the USB please follow the below steps:
    • Search for Device Manager on your computer.
    • Locate USB device option, then right-click on it, and select Properties.
    • Navigate to the Details tab.
    • From the drop-down menu, select Hardware IDs. You will see an entry in the format of Vendor ID and Product ID.

      • For Example: HID\VID_046D&PID_C05A, Here the Vendor ID is 046D and the Product ID is C05A


    miniOrange DLP Device Manager Hardware IDs showing USB VID and PID for policy configuration

  • You have now retrieved the Vendor ID and Product ID, allowing you to whitelist a specific USB and enforce policies on other USB devices.

Step 3: USB Reports

  • To verify the newly created USB policy, connect an Unauthorized USB to your system.
  • Check if the policy blocks unauthorized actions and triggers alerts.
  • Navigate to Reporting → USB Reporting in the top-right corner of the dashboard to track all the USB policy breaches.

    • miniOrange DLP Reporting tab USB Reporting to view USB policy breach reports

  • Now can check all the USB policy breach reports in the USB Reporting section.

    • miniOrange DLP USB policy breach reports with device and incident details for compliance auditing

    In this way you have succesfully setup the USB Policy by using the our DLP solution. Also if you are facing any issues that you are not able to resolve please feel to reach out us uemsupport@xecurify.com

Want To Schedule A Demo?

Request a Demo