deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/client-management/mdm/policy-csp-dataprotection.md
David Coulter 74c8191dc0
Links: Windows - client-management (2021-01)
2021-03-25 06:59:20 -07:00

4.0 KiB
Raw Blame History

title, description, ms.author, ms.topic, ms.prod, ms.technology, author, ms.localizationpriority, ms.date, ms.reviewer, manager
title description ms.author ms.topic ms.prod ms.technology author ms.localizationpriority ms.date ms.reviewer manager
Policy CSP - DataProtection Use the Policy CSP - DataProtection setting to block direct memory access (DMA) for all hot pluggable PCI downstream ports until a user logs into Windows. dansimp article w10 windows manikadhiman medium 09/27/2019 dansimp

Policy CSP - DataProtection

DataProtection policies

DataProtection/AllowDirectMemoryAccess
DataProtection/LegacySelectiveWipeID

DataProtection/AllowDirectMemoryAccess

Windows Edition Supported?
Home cross mark
Pro check mark
Business check mark
Enterprise check mark
Education check mark

Scope:

[!div class = "checklist"]

  • Device

This policy setting allows you to block direct memory access (DMA) for all hot pluggable PCI downstream ports until a user logs into Windows. Once a user logs in, Windows will enumerate the PCI devices connected to the host plug PCI ports. Every time the user locks the machine, DMA will be blocked on hot plug PCI ports with no children devices until the user logs in again. Devices which were already enumerated when the machine was unlocked will continue to function until unplugged. This policy setting is only enforced when BitLocker Device Encryption is enabled.

Most restricted value is 0.

The following list shows the supported values:

  • 0 Not allowed.
  • 1 (default) Allowed.

DataProtection/LegacySelectiveWipeID

Windows Edition Supported?
Home check mark
Pro check mark
Business check mark
Enterprise check mark
Education check mark

Scope:

[!div class = "checklist"]

  • Device

Important

This policy may change in a future release. It may be used for testing purposes, but should not be used in a production environment at this time.

Setting used by Windows 8.1 Selective Wipe.

Note

 This policy is not recommended for use in Windows 10.

Footnotes:

  • 1 - Available in Windows 10, version 1607.
  • 2 - Available in Windows 10, version 1703.
  • 3 - Available in Windows 10, version 1709.
  • 4 - Available in Windows 10, version 1803.
  • 5 - Available in Windows 10, version 1809.
  • 6 - Available in Windows 10, version 1903.
  • 7 - Available in Windows 10, version 1909.
  • 8 - Available in Windows 10, version 2004.