Configuring Authorization Settings
You can configure a Media Encryption & Port Protection rule to require scans for malware and unauthorized file types when a storage device is attached. You also can require a user or an administrator to authorize the device. This protection makes sure that all storage devices are malware-free and approved for use on endpoints.
On Windows E80.64 and higher clients, CDs and DVDs (optical media) can also be scanned.
After a media device is authorized:
-
If you make changes to the contents of the device in a trusted environment with Media Encryption & Port Protection, the device is not scanned again each time it is inserted.
-
If you make changes to the contents of the device in an environment without Media Encryption & Port Protection installed, the device is scanned each time it is inserted into a computer with Media Encryption & Port Protection.
You can select one of these predefined options for a Media Encryption & Port Protection rule:
Require storage devices to be scanned and authorized -
-
Scan storage devices and authorize them for access - Select to scan the device when inserted. Clear to skip the scan.
-
Enable self-authorization - If this option is selected, users can scan the storage device manually or automatically. If this setting is cleared, users can only insert an authorized device.
-
Manual media authorization - The user or administrator must manually authorize the device.
Allow user to delete unauthorized files - The user can delete unauthorized files detected by the scan. This lets the user or administrator authorize the device after the unauthorized files are deleted.
-
Automatic media authorization -The device is authorized automatically.
Allow user to delete unauthorized files - The user can delete unauthorized files detected by the scan. This lets the user or administrator authorize the device after the unauthorized files are deleted.
-
-
-
Exclude optical media from scan - Exclude CDs and DVDs from the scan.