To comply with NIST 800-171, policies must be created to limit the use of portable storage devices in a corporate environment. The purpose of this policy is to prohibit the use of portable storage devices that have no identifiable owner; the policy also includes an approach for handling and protecting CUI that is shared between federal agencies and organizations. The following steps show how to enforce NIST 800-171 with the Bitdefender client.
Bitdefender provides the ability to manage USB devices in your environment. Included below is a list of the device classes that can be blocked or allowed. To access it, log into your Bitdefender portal, click Policies, and then click Device Control:
To approve/whitelist a device, click Policies, then Add, and create a new policy containing the specifics that will be applied to your environment.
Next, connect the device (for example, a USB hard drive) to a workstation that has the policy above applied to it. Since the device you've connected has never been approved, Bitdefender will DENY the device (see below):
In order to allow the device connected to be accessed, the following must be done in the Bitdefender console:
- Click Device Control
- Click Exclusions
- Click Add
- Select From Discovered Devices
On the following screen, select the computer name from the list that has the device connected to it, provide a description, change the permission to Allowed, and then click Save on the following page. The device being configured is now Allowed (see below):
In order to apply the new policy to additional clients, click Network, select the OU that includes the client, select the client you’d like to apply the policy to, click Tasks, select Reconfigure Client, select Now, select Device Control and then Save.
You will now notice that the Bitdefender client will turn OFF and then back ON for the targeted machine. A restart of the client is required for the policy to apply successfully. The administrator can also force a restart from the Bitdefender Admin portal by following these steps: check the box to the left of the client, select Tasks, and then select Restart Machine.
Side note – a special thanks to Michael White for taking the time to review my draft while also providing solid suggestions to improve it. Michael’s blog can be found here and he recently posted two Bitdefender articles, listed below: