
Microsoft Defender for Endpoint is the company's enterprise security solution to detect and mitigate vulnerabilities, reduce the potential attack surface, and simplify endpoint security management centrally. The service is cross-platform and provides security capabilities across Windows, macOS, Linux servers, and Android.

Now, the firm has updated its macOS solution to offer better and more granular controls for USB devices. Microsoft has noted that many end users in organizations simply plug in USB devices on their enterprise machines without considering potential risks. To reduce this attack surface, the company is now offering a public preview of USB storage device control for Mac, which helps organizations mitigate data loss and malware.

This is done by supporting "Audit and Block" enforcement capabilities, controlling access for specific USB devices, and custom policies that can be set to redirect users to specific URLs when they plug in a restricted device. This is further enforced by hierarchical custom policies containing vendors, products, and serial numbers. If a USB device does not fall under any of these nested entries, its access defaults to the top-level permission for the organization. IT admins can also write custom queries to identify USB events on a more granular scale.

Deploy Microsoft Defender for Endpoint on macOS

Step 1: Get the Microsoft Defender for Endpoint onboarding package

In Microsoft 365 Defender, navigate to Settings > Endpoints > Onboarding. Select macOS as the operating system and Mobile Device Management / Microsoft Intune as the deployment method.
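The hierarchical USB policy described above (vendor, then product, then serial number, falling back to the organization's top-level permission) can be modelled as a small resolver. This is an added example, not Microsoft's code or its profile schema. The dictionary layout, key names, device IDs, the rule that the most specific matching entry wins, and the reading of "audit" as "log but do not enforce" are all assumptions made for illustration.

```python
# Simplified model of hierarchical USB policy resolution (added example).
# Key names and layout are hypothetical, not the Defender profile schema.

POLICY = {  # constructed sample policy
    "enforcement": "block",          # assumed: "audit" only logs, "block" enforces
    "permission": {"read"},          # top-level default for the organization
    "vendors": {
        "0a1b": {                    # constructed vendor id
            "permission": {"read", "write"},
            "products": {
                "1001": {            # constructed product id
                    "permission": {"read"},
                    "serials": {"SN-ALLOW-01": {"read", "write", "execute"}},
                },
            },
        },
    },
}


def resolve(policy, vendor, product, serial):
    """Return (matched_level, permissions); assumed rule: most specific entry wins."""
    level, perms = "organization", policy["permission"]
    v = policy.get("vendors", {}).get(vendor)
    if v is None:
        return level, perms          # not in any nested entry: top-level default
    if "permission" in v:
        level, perms = "vendor", v["permission"]
    p = v.get("products", {}).get(product)
    if p is None:
        return level, perms          # vendor known, product not listed
    if "permission" in p:
        level, perms = "product", p["permission"]
    if serial in p.get("serials", {}):
        level, perms = "serial", p["serials"][serial]
    return level, perms


def decide(policy, device, operation):
    """Return 'allow', 'audit' (violation logged only) or 'block' for one operation."""
    _, perms = resolve(policy, device["vendor"], device["product"], device["serial"])
    if operation in perms:
        return "allow"
    return "block" if policy["enforcement"] == "block" else "audit"
```

Running a new policy with the enforcement value set to audit first shows which devices would fall through to the top-level default before anything is blocked.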
