Is there a way to restrict a USB to be used on a specific host or a list of approved hosts? Also, can you add multiple levels of approvals, say like the first person is the user's manager, then the security reviewer, and the final approver might be the security manager?
For specific hosts, yes. You would have to put them in their own group and have a separate policy designated for them. For example, you can have a blocked policy that goes to a group including the computer you would like to deploy that to. You would then make another policy with a different group with the permissions that you choose. As far as the approvals, I don't believe you can do that in Endpoint Central however you can probably create a policy within your company that their manager has to have some sort of approval before you whitelist their USB. Which you can probably do within your help desk ticketing system. They get the ticket, they forward the request to their manager, once the manager approves, forward it to the security reviewer, so on and so forth.
Is there a way to restrict a USB to be used on a specific host or a list of approved hosts? Also, can you add multiple levels of approvals, say like the first person is the user's manager, then the security reviewer, and the final approver might be the security manager?
For specific hosts, yes. You would have to put them in their own group and have a separate policy designated for them. For example, you can have a blocked policy that goes to a group including the computer you would like to deploy that to. You would then make another policy with a different group with the permissions that you choose. As far as the approvals, I don't believe you can do that in Endpoint Central however you can probably create a policy within your company that their manager has to have some sort of approval before you whitelist their USB. Which you can probably do within your help desk ticketing system. They get the ticket, they forward the request to their manager, once the manager approves, forward it to the security reviewer, so on and so forth.