Trusted devices are devices to which users that are specified in the trusted device settings have full access at all times.
To work with trusted devices, you can grant access to an individual user, to a group of users, or to all users of the organization.
For example, if your organization does not allow the use of removable drives but administrators use removable drives in their work, you can allow removable drives only for a group of administrators. To do so, add removable drives to the trusted list and configure user access permissions.
It is not recommended to add more than 1000 trusted devices, as this can cause system instability.
Kaspersky Endpoint Security allows you to add a device to the trusted list in the following ways:
If Kaspersky Security Center is not deployed in your organization, you can connect the device to the computer and add it to the trusted list in the application settings. To distribute the list of trusted devices to all computers in your organization, you can enable merging the lists of trusted devices in a policy or use the export / import procedure.
If Kaspersky Security Center is deployed in your organization, you can detect all connected devices remotely and create a list of trusted devices in the policy. The list of trusted devices will be available on all computers to which the policy is applied.
Kaspersky Endpoint Security allows controlling the use of trusted devices (connection and disconnection). You can turn on event logging in notification settings for the Device Control component. Events have the Informational severity level.
Kaspersky Endpoint Security has the following limitations when working with trusted devices:
Kaspersky Endpoint Security administration plug-in versions 11.0.0–11.2.0 cannot work with a list of trusted devices that was created in Kaspersky Endpoint Security version 11.3.0 and 11.4.0. To work with a list of trusted devices from these versions, the administration plug-in must be upgraded to version 11.3.0 and 11.4.0, respectively.
Kaspersky Endpoint Security administration plug-in version 11.3.0 and 11.4.0 cannot work with a list of trusted devices that was created in Kaspersky Endpoint Security version 11.2.0 or earlier. For these versions to work with a list of trusted devices, the application must be upgraded to version 11.3.0 and 11.4.0, respectively. You can also send a request containing a description of your situation to Technical Support through Kaspersky CompanyAccount.
To migrate a list of trusted devices from Kaspersky Endpoint Security version 11.2.0 to version 11.3.0, send a request containing a description of your situation to Technical Support through Kaspersky CompanyAccount.