Device Control regulates access to external storage devices and network resources connected to computers. Device Control helps prevent data loss and leakage and, combined with file scanning, helps guard against security risks.
You can configure Device Control policies for internal and external agents. Administrators typically configure a stricter policy for external agents.
Policies are granular settings in the Apex One agent tree. You can enforce specific policies to agent groups or individual agents. You can also enforce a single policy to all agents.
After you deploy the policies, agents use the location criteria you have set in the Endpoint Location screen (see Endpoint Location) to determine their location and the policy to apply. Agents switch policies each time the location changes.
Important
Important
The types of devices that Apex One can monitor depends on whether the Data Protection license is activated. Data Protection is a separately licensed module and must be activated before you can use it. For details about the Data Protection license, see Data Protection License.

Devices Monitored by the Unauthorized Change Prevention Service

Device Type
Device Description
Storage Devices
CD/DVD
Important
Important
Device Control can only limit access to CD/DVD recording devices that use the Live File System format. Some third-party applications that use Master Format can still perform read/write operations even with Device Control enabled. Use Data Loss Prevention to limit access to CD/DVD recording devices that use any format type.
For details, see Blocking Access to Data Recorders (CD/DVD).
Floppy disks
Network drives
USB storage devices

Devices Monitored by Data Loss Prevention

Device Type
Device Description
Mobile Devices
Mobile devices
Storage Devices
CD/DVD
Floppy disks
Network drives
USB storage devices
Non-storage Devices
Bluetooth adapters
COM and LPT ports
IEEE 1394 interface
Imaging devices
Infrared devices
Modems
PCMCIA cards
Print screen key
Wireless NICs