Cybersecurity doesn’t come in one shape or size. There is a spectrum of strategies at play to protect your network from attack. While we rightly worry about interference from the internet, Microsoft is addressing an issue of equal importance: physical devices.
In an upcoming update for Windows 10 and Windows 11, Microsoft is adding a “layered Group Policy feature” that allows IT administrations to say which types of USB devices are allowed to connect to employee computers. In a blog post, Microsoft explained its thinking:
Every device has a set of ‘identifiers’ that are understood by the system (class, device ID and instance ID). The allow list, which is written by the system admin, contains sets of identifiers that represent different devices – this way a system understands which device is allowed and which is blocked.
The feature will be available with tomorrow’s Patch Tuesday update, and is already live with the July 2021 Windows 10 C client release.
