Since employees have switched to remote working during the COVID-19 pandemic, home printers and removable devices have expanded the attack surface to their companies’ data and daily business operations.
To address this increased security exposure, Microsoft has added new removable storage device and printer controls to Microsoft Defender for Endpoint, the enterprise version of its Windows 10 Defender antivirus.
These new capabilities available in the enterprise endpoint security platform (previously known as Microsoft Defender Advanced Threat Protection) will allow access restrictions to removable devices and blocking printing tasks via non-corporate or non-approved printers.
“We are excited to announce new device control capabilities in Microsoft Defender for Endpoint to secure removable storage scenarios on Windows and macOS platforms and offer an additional layer of protection for printing scenarios,” Microsoft said.
“These new device control capabilities further reduce the potential attack surface on user’s machines and safeguard organizations against malware and data loss in removable storage media scenarios.”
Removable device control protection now generally available
Removable storage access control on Windows and removable storage protection on Mac are generally available, and printer protection on Windows is now available in public preview.
The new removable storage access control capabilities added to the Windows version complement already existing device control protection for scenarios such as removable storage Endpoint DLP, device installation, and removable storage BitLocker.