deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 22:07:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update control-usb-devices-using-intune.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT 2021-04-09 10:49:49 -07:00
parent c105223da8
commit 4fca07d834
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
windows/security/threat-protection/device-control/control-usb-devices-using-intune.md
View File

@ -68,7 +68,7 @@ To prevent malware infections or data loss, an organization may restrict USB dri
All of the above controls can be set through the Intune [Administrative Templates](/intune/administrative-templates-windows). The relevant policies are located here in the Intune Administrator Templates: All of the above controls can be set through the Intune [Administrative Templates](/intune/administrative-templates-windows). The relevant policies are located here in the Intune Administrator Templates:
![AdminTemplates](images/admintemplates.png) ![screenshot of list of Admin Templates](images/admintemplates.png)
>[!Note] >[!Note]
>Using Intune, you can apply device configuration policies to Azure AD user and/or device groups. >Using Intune, you can apply device configuration policies to Azure AD user and/or device groups.
@ -211,13 +211,13 @@ You can prevent installation of the prohibited peripherals with matching device
Using Intune, you can limit the services that can use Bluetooth through the ["Bluetooth allowed services"](/windows/client-management/mdm/policy-csp-bluetooth#servicesallowedlist-usage-guide). The default state of "Bluetooth allowed services" settings means everything is allowed. As soon as a service is added, that becomes the allowed list. If the customer adds the Keyboards and Mice values, and doesnt add the file transfer GUIDs, file transfer should be blocked. Using Intune, you can limit the services that can use Bluetooth through the ["Bluetooth allowed services"](/windows/client-management/mdm/policy-csp-bluetooth#servicesallowedlist-usage-guide). The default state of "Bluetooth allowed services" settings means everything is allowed. As soon as a service is added, that becomes the allowed list. If the customer adds the Keyboards and Mice values, and doesnt add the file transfer GUIDs, file transfer should be blocked.
![Bluetooth](images/bluetooth.png) ![screenshot of Bluetooth settings page](images/bluetooth.png)
### Use Microsoft Defender for Endpoint baseline settings ### Use Microsoft Defender for Endpoint baseline settings
The Microsoft Defender for Endpoint baseline settings represent the recommended configuration for ATP. Configuration settings for baseline are located in the edit profile page of the configuration settings. The Microsoft Defender for Endpoint baseline settings represent the recommended configuration for threat protection. Configuration settings for baseline are located in the edit profile page of the configuration settings.
![Baselines](images/baselines.png) ![Baselines in MEM](images/baselines.png)
## Prevent threats from removable storage ## Prevent threats from removable storage