Thanks a lots, bull eyes . I hope that you will create a complete playlist for the Intune!!

Merci Jonathan pour vos tutos. Vous explications sont claires et la démo facile à suivre. Vous faites un excellent travail.

excellent ,my only concern is this subject policy don't block whole docking stations ,but only usb mass storage

Honestly, Jonathan, when I see the relative complexity of the thing, I am happy to manage hybrid environments and therefore to be able to continue easily with gpo's to manage this !

I love it and I'll looking forward for how to block removable storage on macOS via Intune as well. Thanks for good content guy.

Saved the day mate! Thanks!

Thanks ❤❤❤

Love your videos. Simple and friendly.

Hey Jonathan, I did all the process, on the first one to deny write access, everything got ok, but when I did th rest of the process, exactly like the video, the usb wasn´t get the blocked like before

Excellent and timely! Could you please assist with blocking the computer and laptop cameras while allowing them to work in Microsoft Teams? Additionally, I need to stop Microsoft Teams from launching at Windows startup. I’ve tried various methods, but it still starts automatically.

excellent video again.

Awesome one. I've created the (almost) same policy last week. I am running this as a pilot. One thing about the Allowed USB from your video. I would assume you would assign this Allowed USB to a new ASR rule which is assigned to the CEOs device, right? Now this USB is allowed on every device.

Thank you sir for your work for our community

Hi Jon @bearded365guy Thanks for the great video! Are only USB storage devices affected here or also USB-A/USB-C devices such as USB-C monitors or USB-C/Thunderbolt docking stations or Logitech USB-A Receiver for Keyboards & Mouses or USB-A/C Cameras? In "Option 1 - Block write access", is the transfer from the USB storage device to the device itself is also blocked here, i.e. as you show in the video, you create a document on the USB storage device and open it, what if you now drag this file to the laptop/PC is this prevented by the Intune policy? If not, option 2 would be the right policy to prevent this

Thanks for this video Jonathan. Are you aware of any solution to block USB for MAC?

Thanks for explaining alot of things in 365 and making it easier to understand! U the best 👌

Thanks , very helpful

Any idea why this policy does apply to a machine I can see the setting in the registry but they can still read and write to USB drives. I only have this policy applied to 1 machine just FYI

Is it possible to just allow read for some filetypes on USB?

Does a phone count as a USB storage device? I want to block thumb drives completely, but allow people to copy photos from their phones.

For the ones with "old" on-prem environments it could also be done with gpo:s 😊 but great video as usual! To get "all" gpos to m365 before all computers gets migrated could be a video for you, if you don't have it already 😇

Hi Jonathan, We have blocked the USB devices from Device Configuration, General, Removable Storage. Is there any advantage of doing the new way that you showed in-the video?

Thanks a lot for this video!!! will this also block FIDO keys?

If I do this will it affect wireless keyboard dongle?

My devices are in intune and running defender for busines but full blocking not working. Two different Tenants not working

How can I use the exception in this case? Block for a user, but enable access on request.

I have tried , ready only works, but step to full blocking not working.

I am trying this in Hybrid mode, haven't fully tested it but I have excluded a couple of people.