Squadra Removable Media Security Software for Windows

Squadra Removable Media Security Software for Windows

SecRMM Console Software

Quick Overview

  • Comprehensive DLP program that is easy to implement

  • Easily integrates with most enterprise system management products

  • Prevents sensitive data from being copied to Removable Media by unauthorized personnel

  • White listing and Black listing of USB devices

  • Activity reports and audit logs

  • Supports USB keys, USB hard drives, smartphones, CD/DVDs and SD cards

  • Individual and Enterprise licenses available
Squadra overview video

Download 30-Day Trial Version

Squadra SecRMM
Secure Removable Media Manager

Click to download Squadra SecRMM Software

(Full Featured Trial Version)

Type: Application | Version: | Size: 7.8MB


The copy of SecRMM from the above download link will work full featured for a period of 30 days. After the trial period is over, the SecRMM software will continue to work, but with limited functionality. You may re-activate the software’s full feature set by purchasing a license. Licenses start at $25.


Product Manuals

SecRMM Administrator's Guide
SecRMM Central Administrator's Guide
Excel Add In Administrator's Guide

Type: PDF | Size: 1.6MB - 3.21MB

Licensing and Support Questions

Licensing and support questions should be directed to SecRMM@apricorn.com or talk to one of our friendly knowledgeable support staff at
858-513-4431 between 8am-5pm M-F (PST).

Many support questions can be answered by viewing the FAQ’s at the tab below


Squadra Secure Removable Media Manager


Double click on above image to view full picture

Zoom Out
Zoom In

Aditional Views

  • Device online event
  • Central Operations Manager
  • Device Manager
  • Excel Add In that makes analysis, filtering and reporting very simple

Be the first to review this product

Are you involved with PCI DSS, FISMA, HIPAA, SOX and/or GLBA Audits or a U.S. government organization such as DISA and/or DOD? If so, our security products are a must have for you!
Apricorn and Squadra Technologies have worked together to deliver enterprise security software that is a perfect companion to the Apricorn security storage devices. Combining Apricorn hardware with Squadra Technologies software is a cost-effective secure way to use removable media within your organization.
SecRMM is the only solution capable of providing source file names for write operations. It is the ONLY solution capable of providing detailed forensic data for explorer, cmd sessions, powershell, jscript, vbscript and all other processes involved in write operations. secRMM also provides compressed file inspection! Don't let hackers use scripting to steal your data!

Detailed forensic data for smart phones, tablets and removable media

secRMM monitors and collects very detailed forensic data about removable media write activities. This ensures that if a security incident does occur and removable media is involved, you will be able to understand the exact nature of the security incident. The level of detail collected by secRMM is what distinguishes secRMM from other products that attempt to provide similar functionality. Surprisingly, other competing solutions are not even able to report the files being copied from the local computer and/or network. Missing this important data makes the security forensic data incomplete and will make any security analysis exercise a guessing game. secRMM was developed to address requirements coming from the United States government and military organizations. This means secRMM ensures that removable media write activity is always predictable and the events are always captured to a nonrepudiation store (i.e. the Windows Security event log).

Useful yet simple authorization modules

secRMM provides a removable media authorization layer to prevent any removable media security incidents from ever occurring in the first place. Unlike other competing solutions, secRMM lets you control what files the end-user can copy from the local computer and network. The other authorization modules let you control removable media write activity based on userid, removable media serial number, removable media internal Ids (i.e. VIDs and/or PIDs) and the program used to perform the write operations to the removable media.

Prevent unauthorized devices from mounting

secRMM can prevent unauthorized devices from mounting to the Windows Operating System. The advantage of using this feature is that even though the device cannot be read from or written to, the device still receives power from the Windows computer. This allows your end-users to still charge their device (usually a smart phone or tablet) while keeping the data in your environment safe. A corresponding event is generated when this even occurs so you can even know who is charging their phone or tablet. This feature is available on the device serial number, the device VID/PID and for user ids.

Smart phone app for added security

For heightened security environments such as military and/or government, secRMM comes with a smart phone app that forces the end-user to login (authenticate) from the phone before the phone will appear as a USB storage device to Windows. Note that you are not required to use this feature; it is an optional security feature.

Enforceable two man policy - Watch the Video

secRMM comes with an end-user GUI application called SafeCopy that works in conjunction with secRMM. The SafeCopy user interface mimics the standard Windows explorer program but only allows writing to removable media and adjusts what it displays to the end-user based on secRMM properties. Administrators can easily enable secRMM/SafeCopy to enforce a two man policy. A two man policy means at least 2 people must be involved for the removable media write operation to occur. The two man policy is a common operating procedure in many critical government and military situations. The secRMM/SafeCopy two man policy implementation allows administrators to monitor each operation the end-user takes while using the SafeCopy program. A check is made if an administrator tries to approve himself. This check will not allow the approval.

Removable Media device tracking - Watch the Video

If you configure secRMM so that your end-user must use secRMM SafeCopy to copy file(s) to removable media devices, secRMM puts a small signature onto the removable media device. This gives you the ability to see who the last user was to use a removable media device. This can be a powerful feature for lost or stolen removable media devices.

Transparent integration with hardware/software encryption technology

secRMM works seamlessly with hardware and software encryption technologies. In fact, secRMM generates the necessary security events required:

1. An event telling you that an encryption device has been plugged into the Windows computer (i.e. mounted)
2. An event telling you that the authorization to use the device has succeeded.

Encryption technology authorization is done using either software (i.e. a dialog asking for your password) or hardware using a push button key pad.


secRMM is designed as a light-weight security software product. What this means is that when secRMM does not need to be running, it enters into a quiescent state. The secRMM software will run only when a Removable Media device is plugged into the computer. This means that your end-users will not feel a performance impact from the secRMM software in their normal day-to-day computer work activities.

Tightly integrated with Microsoft Windows Operating System

secRMM was designed to fit into the most common security and monitoring scenarios. This means secRMM utilizes Microsoft best practices by utilizing core Windows Operating System components rather than writing a separate framework to monitor Removable Media devices. The benefit to this approach is that secRMM does not require a large learning curve or large setup period. It also means you can integrate secRMM into your existing security and monitoring strategies/implementations with very little work. secRMM uses the familiar Microsoft Management Console (MMC) as the User Interface (UI) to make secRMM configuration changes.

100% scriptable - Watch the Video

In addition to the MMC User Interface, secRMM can be controlled and configured using any Microsoft COM compatible scripting language (i.e. Powershell, VBScript, Jscript, Perl) as well as any .Net language.

Tightly integrated with Microsoft Active Directory - Watch the Video

secRMM takes advantage of Active Directory in two powerful ways. First, secRMM properties can be applied using Active Directory Group Policy. The Group Policy Editor has both a computer and user configuration security settings secRMM node. The user interface for the Group Policy Editor is identical to the secRMM user interface in the Computer Management MMC. This means secRMM security settings can be applied to the computer, a group of users and/or individual users. Secondly, secRMM can use Active Directory computer object and user object attributes within the secRMM properties (AllowedDirectories, AllowedSerialNumbers and AllowedUsers). This makes applying removable media security policies very easy to maintain and deploy.

Tightly integrated with Microsoft System Center - Watch the Video

Because secRMM does not use a proprietary framework to function, secRMM easily integrates into the system management tools used within any environment. Microsoft System Center is the dominant systems management tool on the market today. secRMM has integration with SCCM, SCOM and Orchestrator.

Tightly integrated with Microsoft Excel 2010 - Watch the Video

secRMM comes with an Excel 2010 AddIn that makes analysis, filtering and reporting very simple.

Flexible licensing

SecRMM is available with a choice of two different license modes:

1. Enterprise (per domain)
2. Individual - By computer

Write Your Own Review

You're reviewing: Squadra Removable Media Security Software for Windows

How do you rate this product? *

  1 star 2 stars 3 stars 4 stars 5 stars

  • If you have difficulty in reading the image above then refresh your browser a few times until you see an image that is clear enough to copy.

Product FAQs

Ask a Question

  • If you have difficulty in reading the image above then refresh your browser a few times until you see an image that is clear enough to copy.

Ask Question

What are the ECCN and HST codes used for shipping this device outside the US?

ECCN: 5A992A and HTS code 8473.50.3000

Does secRMM monitor CDROM/DVDs?

You can enable this feature by setting the MonitorCDROMAndDVD secRMM property. You also need to use the CD/DVD as a usb drive. This ensures all write events are recorded.

What kind of performance penalty can I expect when secRMM is running? Will the write operations be significantly slower to the point of the user complaining?

Your end-users will not even know secRMM is running. The product was designed using multi-threading techniques and asychronous I/Os. In other words, the product was designed to be as light-weight as possible.

What happens after the 14 day trial is over?

secRMM will just stop recording events in the event logs. However, it will still be installed and ready to continue working once the license file is copied to the computer.

What is the best way to distribute the software?

We recommend you use a software distribution tool such as Microsoft Configuration Manager or AD Group Policy.

Does secRMM monitor reads from Removable Media devices?

No. If you feel strongly about this feature, please contact Squadra Technologies to discuss.

Does secRMM monitor internal hard drives?

No. If you feel strongly about this feature, please contact Squadra Technologies to discuss.

How do I get my computer's Host Name for my software license?

Every Windows computer that runs secRMM will need a secRMM computer license file. The computer license file name will be the name of the Windows computer with a file extension of lic. For example, if there was a Windows computer named AcctingWrkSta1, the secRMM computer license file would be named AcctingWrkSta1.lic. The secRMM computer license file needs to reside in the secRMM installation directory (by default, \Program Files\secRMM).

To obtain the secRMM computer license files, you must contact Apricorn.

To get the name of the computer, you can echo the COMPUTERNAME environment variable. To do this, open a command window and type:


How do I license multiple computers on a single domain?

Every Windows computer that runs secRMM will need a secRMM enterprise license file. The enterprise license file name will be the name of your domain with a file extension of lic. For example, if your domain is named contoso, the secRMM enterprise license file would be named contoso.lic. The secRMM enterprise license file needs to reside in the secRMM installation directory (by default, \Program Files\secRMM). To obtain the secRMM enterprise license file, you must contact Apricorn. 

The high-level sequence of events for secRMM enterprise licensing is summarized below:

1. Email your domain name to Apricorn. 

2. We will email back to you a secRMM enterprise license file. 

3. The enterprise license file gets copied into the secRMM installation directory on each computer with secRMM installed on it. 

Creating the list of computers

If you are in a domain environment, you can run the VBscript named ListComputersInDomain.vbs. This script is in the secRMMDeployment.zip which you can download from Apricorn's web site. This script generates a list of computers from your Active Directory repository.

Be sure you read the comment header in ListComputersInDomain.vbs as you will need to change the domain name to be your domain name (on line 36). To run the script, open an elevated command window and type:

cscript //NoLogo ListComputersInDomain.vbs > MyComputers.txt 

The output of this script (in the example above, it will be the file MyComputers.txt) is what you will email to Apricorn (see step 1 directly below). 

The high-level sequence of events for secRMM computer licensing is summarized below:

1. Generate a list of all the computers in your environment that run secRMM. 

2. Email the list generated in step 1 above to Apricorn. 

3. We will email back to you a computer license file for every computer in the list. 

4. The computer license file gets copied into the secRMM installation directory on each computer with secRMM installed on it. 

Apricorn End-User License Agreement
(Size: 48.27 KB)