Data loss through USB drives, printers, and other peripheral devices continues to be one of the most overlooked yet effective attack vectors inside enterprises. Despite advances in network and cloud security, sensitive information often leaves organizations through unmanaged endpoints, whether via intentional insider actions or accidental misuse. Regulatory compliance frameworks such as GDPR, HIPAA, and PCI-DSS also mandate strict control over removable media and device access, making this challenge both a security and compliance priority for IT teams. That’s why we built Veltar to ensure I/O device access control across platforms.
Today, we are extending the same Veltar I/O Device Access Control for Windows, enabling IT administrators to enforce data protection policies at the most critical layer: the endpoint. By providing granular, scalable controls over storage and peripheral devices, this helps organizations prevent unauthorized data transfers before they happen.
Why this matters
The purpose behind building this feature is to strike the right balance between operational flexibility and uncompromising security. We understand that storage and peripheral devices are a proven weak link in enterprise security. A single unencrypted USB stick or unsanctioned Bluetooth connection can bypass sophisticated defenses and lead to costly data loss. With Veltar’s I/O Device Access Control, IT admins gain direct control over which devices can interact with corporate data — from USB drives to printers — ensuring that sensitive information remains protected.
The supported OS includes Windows 10, 11 Pro and Home, and Server 2022, 2025.
What does this mean for IT teams managing Windows devices:
- Default access levels by device category: Enforce consistent policies across storage devices, Human Interface Devices (keyboard, mouse), wireless devices (Bluetooth), media/image devices, printers, network adapters, USB headphones, and WPD (Windows Portable Devices).
- Granular access with device instance IDs: Every device has a unique identifier. With Veltar, IT admins can use it to allow only approved hardware (like company-issued USB drives) while blocking everything else.
- Encrypted storage enforcement: Permit access only to encrypted storage devices, preventing unsecured data transfers.
- Custom user notifications: Configure messages that inform users when device access is blocked, reducing friction and confusion.
- Flexible policy targeting: Apply controls to all users on a device or selected accounts.
- Context-aware restrictions: Set access rules based on day, time, or IP address for flexible enforcement.
Getting started
This update enriches Veltar’s capabilities as a true endpoint DLP solution on Windows. For detailed instructions, check the I/O Device Access Control documentation.
What’s next
Veltar continues evolving with features designed for enterprise security challenges. Reach out if you want a demo or support implementing this feature.
