As workers worked remotely during the COVID-19 pandemic, home printers and removable devices have expanded their attacks on their corporate data and day-to-day business. To address this increased security exposure, Microsoft has added new controls to removable storage devices and printers in Microsoft Defender for Endpoint, the corporate version of Windows 10 Defender antivirus.
These new features available on the corporate endpoint security platform (formerly known as Microsoft Defender Advanced Threat Protection) will allow you to restrict access to removable devices and block print jobs through non-corporate or unauthorized printers.
"Removable device control" protection is now generally available
Windows removable storage access control and Mac storage protection are generally available, and printer protection in Windows is now available in public preview.
New removable storage controls added to Windows version complement existing protection device control for scenarios such as removable Endpoint DLP storage, device installation, and removable BitLocker storage.
The USB storage device added to the Mac version of Microsoft Defender for Endpoint is designed to balance the level of access provided to external storage devices using custom policies.
Last month, Microsoft Defender for Endpoint also added support for jailbroken iOS device detection and mobile application management (MAM) support for Android and iOS not registered with Intune.
By jailbreaking their iOS devices, users gain full access to registration and execution by increasing their root privileges, thus removing all restrictions imposed by Apple on the installation of applications.
Without restrictions, they can later install potentially malicious applications and, bypassing potentially critical security updates to maintain root access, will be exposed to attacks.
Source of information: bleepingcomputer.com