This article details how to add additional rules to a device in PGP Endpoint.
The PGP Endpoint Device Explorer lets you administer the rules and permissions that determine which devices your users and user groups can and cannot use. If you are defining permissions or a 'Shadow' rule for removable storage devices, you can choose to apply the permission(s) to encrypt and/or decrypt devices.
To further limit permissions, you can also choose the required scope options from the Encryption and Drive panels.
|Caution: Some USB memory sticks are recognized as external hard disk drives. This may lead to confusion and undesired behavior if you select 'All' in the Bus panel and/or 'Both' in the Drive panel sections while defining permissions or a 'Shadow' rule. You may accidentally specify that real secondary hard disk drive(s) may be blocked/allowed/shadowed or forced to be encrypted/decrypted.|
When attempting to add a rule to an existing permission for a device by right-clicking a device and selecting Add/Modify Permissions, the original permission for the device is overwritten with the new rule.
To add an additional rule to a an existing permission, you must add a second instance of the user or user group in the permissions window for the device and then update the permissions for the device for that user/user group.
To update the permissions
- Open the PGP Endpoint Management Console.
- Select the Device Explorer.
- Right-click the device and select Permissions.
- Click Add.
- Add the user/user group and click OK.
- Select the user/user group and place a checkmark by the desired Permissions and Encryption for the group.
- Click OK to update the permissions for the device.