Today, teleworking has become commonplace in the business world. For this reason, it is normal that more and more employees go to work remotely instead of in person. As a result, printers and removable storage devices are now being targeted more than ever by hackers to obtain data from companies and their daily business operations.
What’s new in Microsoft Defender ATP
So that we can contain and address this increased exposure to the security of these elements, Microsoft has been responsible for adding new features to its antivirus Microsoft Defender ATP, the business version of your Windows Defender antivirus. Among them we find a new protection for printers and external storage devices.
This new functionality will allow you to restrictions access to removable storage devices and job blocking printing through non-corporate or unapproved printers. And, although these devices will help us increase our productivity, they also represent a threat to business data and serve as a potential entry point for malware and viruses.
Removable Device Protection Now Available
According to Microsoft, it is providing new access control capabilities for removable storage systems in Windows and that are already available. This complements existing device control protection in scenarios such as device installation, Endpoint DLP removable storage, and BitLocker removable storage.
This new removable storage protection function will help us to audit, allow and prevent read, write or execution access to the removable storage device, depending on various properties of the device. For example, data such as Descriptive Name, Serial Number, Vendor ID, among others.
With regard to protecting printers in Windows, you are now public preview available for Microsoft Defender ATP. This new feature will allow us to prevent users from printing through a non-corporate network printer or an unapproved UBS printer. This will add a new additional layer of security and data protection to perform work from home or other remote work scenarios.
Support for jailbroken iOS devices
As early as last month, Microsoft began adding support for detecting jailbroken iOS devices into Microsoft Defender ATP. Likewise, it also included mobile application management support for Android and iOS devices that are not registered in Intune. And it is that when a user jailbreak their iOS device, they are obtaining full write access and high execution permissions. This removes all restrictions imposed by Apple for the installation of applications.
With no restrictions, you can later install applications that can be especially dangerous, as well as bypass important security updates, because you are also exposed to possible attacks.