In Device Control component of Kaspersky Endpoint Security for Windows policy, you can manage user access to external devices that are installed on or connected to the client device (for example, hard drives, cameras, or Wi-Fi modules). This lets you protect the client device from infection when such external devices are connected, and prevent loss or leaks of data.
If you need to grant temporary access to the external device blocked by Device Control but it is not possible to add the device to the list of trusted devices, you can grant temporary offline access to the external device. Offline access means that the client device has no access to the network.
You can grant offline access to the external device blocked by Device Control only if the Allow request for temporary access option is enabled in the settings of Kaspersky Endpoint Security for Windows policy, in the Application settings → Security Controls → Device Control section.
Granting offline access to the external device blocked by Device Control includes the following stages:
To grant temporary access to the external device blocked by Device Control:
The list of managed devices is displayed.
You can select only one device.
The details of the locked device to which the user has requested access is displayed.
This setting defines the length of time for which you grant the user access to the locked device. The default value is the value that was specified by the user when creating the request access file.
This setting defines the time period during which the user can activate access to the blocked device by using the provided access key.
This opens the standard Save access key window of Microsoft Windows.
As a result, when you send the user the access key file and the user activates it in the Kaspersky Endpoint Security for Windows dialog window, the user has temporary access to the blocked device for the specific period.