zachmintonSTENA
Thank you for the guide. This is exactly what MS have in the https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/deploy-manage-removable-storage-intune?view=o365-worldwide#scenario-1-prevent-write-and-execute-access-to-all-but-allow-specific-approved-usbs-1 article and this is exactly how we did it. But it doesn't work. The allowed USBs are still being blocked on Win 10, and on Win 11 the entire policy is non-functional - nothing is being blocked even with all the mentioned registries in place.
MS Support has been quiet for over a month and not accepting the 3 tickets I've raised.
UPDATE: After some months, this is now working as intended. The only issue now is that allowing by Instance Path/ID hasn't worked, which is not great since we want to restrict this 1 USB to this 1 user.