How to Block All USB Drives Except Company Approved with Microsoft Intune and Defender Step-by-step
In this video, we'll show you how to enhance your organization's data security by blocking all USB drives except for company-approved devices using Microsoft Intune and Defender for Endpoint. Learn step-by-step how to configure USB policies to prevent unauthorized access and protect sensitive information. Whether you are an IT admin or a security professional, this guide will help you implement effective USB device management to safeguard your data.
How to Block All USB Drives Except Company Approved with Microsoft Intune and Defender Step by step
Block All USB Drives Except Company-Approved with Microsoft Intune & Defender for Endpoint
How to Restrict USB Access to Company Devices Using Microsoft Intune & Defender
Secure USB Policies: Block All Except Company USBs with Intune & Defender
Restrict Unauthorized USB Drives with Microsoft Intune and Defender
Allow Only Company USBs with Intune & Defender for Endpoint
Key Points Covered:
Introduction to USB device management
Configuring Microsoft Intune to block unauthorized USB drives
Setting up Defender for Endpoint for additional security
Allowing only company-approved USB devices
Best practices for data protection
Make sure to like, comment, and subscribe for more IT security tutorials!
Join PaddyMaddy channel to get access to perks:
👉 / @paddymaddy26
0:00 Introduction
0:07 Overview of Blocking USB Drives
0:16 Allowing Company-Owned USB Drives
0:43 Creating Policies with Microsoft Intune
1:01 Common Issues with Standalone Intune
1:22 Using Microsoft Defender for Endpoint
1:41 Checking License Requirements
2:00 Enabling Microsoft Intune Connector
2:27 Configuring Security Policies
3:04 Attack Surface Reduction (ASR)
3:22 Whitelisting Specific USB Sticks
4:07 Using Device Manager for Hardware IDs
4:50 Extracting Hardware IDs with HWInfo64
5:19 Creating Reusable Policies
5:50 Configuring Removable Storage Settings
6:44 Allow Installation of Specific Devices
8:29 Creating ASR Policies
9:07 Denying and Allowing USB Devices
12:07 Advanced Device Control Policies
14:23 Using Device Classes and GUIDs
17:07 Including and Excluding Devices
20:05 Testing and Validating Policies
21:26 Additional Configuration Options
22:00 Conclusion
#PaddyMaddy #MicrosoftIntune
#DefenderForEndpoint
#endpointprotection
GUID's
{4d36e96b-e325-11ce-bfc1-08002be10318}, {4d36e96f-e325-11ce-bfc1-08002be10318}, {745a17a0-74d3-11d0-b6fe-00a0c90f57da}, {4d36e96c-e325-11ce-bfc1-08002be10318}, {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}, {6bdd1fc6-810f-11d0-bec7-08002be2092f}, {4D36E97D-E325-11CE-BFC1-08002BE10318},
{53d29ef7-377c-4d14-864b-eb3a85769359}, {62f9c741-b25a-46ce-b54c-9bccce08b6f2}, {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}, {5989fce8-9cd0-467d-8a6a-5419e31529d4}, {72631e54-78a4-11d0-bcf7-00aa00b7b32a}, {53D29EF7-377C-4D14-864B-EB3A85769359}, {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}, {4d36e965-e325-11ce-bfc1-08002be10318}, {4d36e967-e325-11ce-bfc1-08002be10318}, {4d36e968-e325-11ce-bfc1-08002be10318}, {e2f84ce7-8efa-411c-aa69-97454ca4cb57}, {4d36e969-e325-11ce-bfc1-08002be10318}
{4d36e980-e325-11ce-bfc1-08002be10318}, {4d36e96a-e325-11ce-bfc1-08002be10318}, {48721b56-6795-11d2-b1a8-0080c72e74a2}, {49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}, {7ebefbc0-3200-11d2-b4c2-00a0C9697d07}, {c06ff265-ae09-48f0-812c-16753d7cba83}, {d48179be-ec20-11d1-b6b8-00c04fa372a7}, {6bdd1fc1-810f-11d0-bec7-08002be2092f}, {6bdd1fc5-810f-11d0-bec7-08002be2092f}, {ce5939ae-ebde-11d0-b181-0000f8753ec4}, {4d36e970-e325-11ce-bfc1-08002be10318}, {4d36e96d-e325-11ce-bfc1-08002be10318}, {4d36e96e-e325-11ce-bfc1-08002be10318}, {4d36e971-e325-11ce-bfc1-08002be10318}
{50906cb8-ba12-11d1-bf5d-0000f805f530}, {4d36e972-e325-11ce-bfc1-08002be10318}, {4d36e973-e325-11ce-bfc1-08002be10318}, {4d36e974-e325-11ce-bfc1-08002be10318}, {4d36e975-e325-11ce-bfc1-08002be10318}, {268c95a1-edfe-11d3-95c3-0010dc4050a5}, {4d36e977-e325-11ce-bfc1-08002be10318}, {4d36e978-e325-11ce-bfc1-08002be10318}, {4d36e979-e325-11ce-bfc1-08002be10318}, {4658ee7e-f050-11d1-b6bd-00c04fa372a7}, {50127dc3-0f36-415e-a6cc-4cb3be910b65}, {4d36e97b-e325-11ce-bfc1-08002be10318}, {d94ee5d8-d189-4994-83d2-f68d7d41b0e6}, {5175d334-c371-4806-b3ba-71fd53c9258d}, {50dd5230-ba8a-11d1-bf5d-0000f805f530}, {5c4c3332-344d-483c-8739-259e934c9cc8}, {71a27cdd-812a-11d0-bec7-08002be2092f}, {4d36e97d-e325-11ce-bfc1-08002be10318}, {6d807884-7d21-11cf-801c-08002be10318}, {25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}, {eec5ad98-8080-425f-922a-dabf3de3f69a}
Class's
Battery, Biometric, Bluetooth, Camera, CDROM, DiskDrive, Display, Extension, FDC, FloppyDisk, HDC, HIDClass, Dot4, Dot4Print, 61883, AVC, SBP2, 1394, Image, Infrared, Keyboard, MediumChanger, MTD, Modem, Monitor, Mouse, Multifunction, Media, MultiportSerial, Net, NetClient, NetService, NetTrans, SecurityAccelerator, PCMCIA, Ports, Printer, PNPPrinters, Processor, SCSIAdapter, Securitydevices, Sensor, SmartCardReader, SoftwareComponent, Volume, System, TapeDrive, WCEUSBS, WPD
![[Complex Analysis] Find the Isolated Singular Point(s) for f(z)=1/sin(pi/z)](https://images.videosashka.com/watch/47WWBI8UgoU)
Windows Server 2025 New Feature Sid Lookups #paddymaddy #windowsserver2025 #windowsserver
Windows Server 2025 New Feature LAN Manager GPO Setting #WindowsServer2025 #WindowsServer
