Device Control

OfficeScan provides a device control feature that regulates access to external storage devices and network resources connected to computers. Device control helps prevent data loss and leakage and, combined with file scanning, helps guard against security risks.

Device Control is available only on computers running x86 type platforms.

  1. Select the check box to enable device control.

  2. Choose whether to block or allow the AutoRun function (autorun.inf) on USB devices connected to the computer.

  3. Select the permissions for each device type.

    Device permissions

    Permissions

    Files on the Device

    Incoming Files

    Full access

    Operations allowed: Copy, Move, Open, Save, Delete, Execute

    Operations allowed: Save, Move, Copy

    This means that a file can be saved, moved, and copied to the device.

    Read and write only

    Operations allowed: Copy, Move, Open, Save, Delete

    Operation blocked: Execute

    Operations allowed: Save, Move, Copy

    Read and execute only

    Operations allowed: Copy, Open, Execute

    Operations blocked: Save, Move, Delete

    Operations blocked: Save, Move, Copy

    Read only

    Operations allowed: Copy, Open

    Operations blocked: Save, Move, Delete, Execute

    Operations blocked: Save, Move, Copy

    No access

    Any attempt to access the device or network resource is automatically blocked.

    Operations blocked: Save, Move, Copy

  4. Select whether to display a notification message on the client computer when OfficeScan detects unauthorized device access, which includes all operations that OfficeScan blocks.

  5. If you selected domain(s) or client(s) on the client tree, click Save to apply settings to the domain(s) or client(s). If you selected the root icon, choose from the following options:

See also: