Removable Storage Parent topic

OfficeScan monitors data transmissions to or within removable storage devices. Activities related to data transmission include:
  • Creation of a file within the device
  • Copying of a file from the host machine to the device
  • Closing of a modified file within the device
  • Modifying of file information (such as the file’s extension) within the device
When a file to be transmitted contains a data identifier, OfficeScan either blocks or allows the transmission.
Note
Note
The Device Control action has a higher priority than the DLP action. For example, If Device Control does not allow copying of files to a removable storage device, transmission of sensitive information does not proceed even if DLP allows it. For details on Device Control actions, see Permissions for Storage Devices.
For a list of supported removable storage devices and applications that facilitate data transmission activities, see the Data Protection Lists document at:
The handling of file transmission to a removable storage device is a straightforward process. For example, a user who creates a file from Microsoft Word may want to save the file to an SD card (it does not matter which file type the user saves the file as). If the file contains a data identifier that should not be transmitted, OfficeScan prevents the file from being saved.
For file transmission within the device, OfficeScan first backs up the file (if its size is 75MB or less) to %WINDIR%\system32\dgagent\temp before processing it. OfficeScan removes the backup file if it allowed the file transmission. If OfficeScan blocked the transmission, it is possible that the file may have been deleted in the process. In this case, OfficeScan will copy the backup file to the folder containing the original file.
OfficeScan allows you to define non-monitored devices. OfficeScan always allows data transmissions to or within these devices. Identify devices by their vendors and optionally provide the device models and serial IDs.
Tip
Tip
Use the Device List Tool to query devices connected to endpoints. The tool provides the device vendor, model, and serial ID for each device. For details, see Device List Tool.