We are currently running DDPE Policy based encryption + EMS, with EMS configured to enforce encryption to shieldable media and deny write to unshieldable media (ex. phone transfer USB). Is it possible to add phones to some sort of whitelist, so we can maintain encryption enforcement but other than that allow RW access to specific devices? I don't think I've seen that option but I'd like to confirm. Thanks!
We have the ability to whitelist devices via our EMS Device Whitelist policy. The below KB will help you get the unique identity of these devices so you can copy that into the policy area of the console.
Android devices are probably going to be the biggest cats to hurdle since there are many makers, many devices, and no standardization as to how they present themselves to the OS.
Another way you might be able to prevent access to some mobile devices is via the Windows Device Control policies. I had a Samsung device a few years ago that when plugged into the computer presented itself via this method and these policies helped prevent access.
Senior Principal Engineer, Support & Delivery Services
Dell Data Security
Need Immediate help? Please call DDS Support @ +1.877.459.7304 Ext. 4310039