You can add override rules to a removable storage control set. These rules provide additional flexibility to prevent or allow eligible storage devices based on the following criteria:
- Encrypted Devices —The removable storage device's encryption status
- Product ID —The removable storage device's identifier for an individual product
- Vendor ID —The removable storage device's identifier for a specific company
- Serial Number —The removable storage device's unique identifier
When a removable storage device matches more than one override, the most restrictive override applies.
If you do not configure override rules, the default policy of the removable storage control set is applied to any supported removable storage devices that attempt to mount.
Override rules are not supported for SD cards used with internal SDXC card slots or external SD card reader adapters. The default permission configured in the removable storage control set is enforced.
- Add list data for storage devices by doing one of the following:
- Upload CSV File —Upload Vendor IDs and Serial Numbers by a CSV file with one column containing the identifying values. You can upload Product IDs by CSV file with one column containing Vendor IDs and a second column containing Product IDs.
- Add Text Input —Add Vendor IDs and Serial Numbers by a list of comma separated values. You can add Product IDs one at a time by entering the Vendor ID and Product ID.
Removable storage devices must be provided in the following formats:
- Product ID —0x1d00
- Vendor ID —0x13fe
- Serial Number —5B6B0B88D431
Example:You can find a USB device's details from the System Report view on your macOS computer.