ECCN: 5A992A and HTS code 8473.50.3000
Squadra Removable Media Security Software for Windows
Squadra Removable Media Security Software for WindowsSecRMM Console Software
Are you involved with PCI DSS, FISMA, HIPAA, SOX and/or GLBA Audits or a U.S. government organization such as DISA and/or DOD? If so, our security products are a must have for you!
Apricorn and Squadra Technologies have worked together to deliver enterprise security software that is a perfect companion to the Apricorn security storage devices. Combining Apricorn hardware with Squadra Technologies software is a cost-effective secure way to use removable media within your organization.
SecRMM is the only solution capable of providing source file names for write operations. It is the ONLY solution capable of providing detailed forensic data for explorer, cmd sessions, powershell, jscript, vbscript and all other processes involved in write operations. secRMM also provides compressed file inspection! Don't let hackers use scripting to steal your data!
Detailed forensic data for smart phones, tablets and removable media
secRMM monitors and collects very detailed forensic data about removable media write activities. This ensures that if a security incident does occur and removable media is involved, you will be able to understand the exact nature of the security incident. The level of detail collected by secRMM is what distinguishes secRMM from other products that attempt to provide similar functionality. Surprisingly, other competing solutions are not even able to report the files being copied from the local computer and/or network. Missing this important data makes the security forensic data incomplete and will make any security analysis exercise a guessing game. secRMM was developed to address requirements coming from the United States government and military organizations. This means secRMM ensures that removable media write activity is always predictable and the events are always captured to a nonrepudiation store (i.e. the Windows Security event log).
Useful yet simple authorization modules
secRMM provides a removable media authorization layer to prevent any removable media security incidents from ever occurring in the first place. Unlike other competing solutions, secRMM lets you control what files the end-user can copy from the local computer and network. The other authorization modules let you control removable media write activity based on userid, removable media serial number, removable media internal Ids (i.e. VIDs and/or PIDs) and the program used to perform the write operations to the removable media.
Prevent unauthorized devices from mounting
secRMM can prevent unauthorized devices from mounting to the Windows Operating System. The advantage of using this feature is that even though the device cannot be read from or written to, the device still receives power from the Windows computer. This allows your end-users to still charge their device (usually a smart phone or tablet) while keeping the data in your environment safe. A corresponding event is generated when this even occurs so you can even know who is charging their phone or tablet. This feature is available on the device serial number, the device VID/PID and for user ids.
Smart phone app for added security
For heightened security environments such as military and/or government, secRMM comes with a smart phone app that forces the end-user to login (authenticate) from the phone before the phone will appear as a USB storage device to Windows. Note that you are not required to use this feature; it is an optional security feature.
Enforceable two man policy - Watch the Video
secRMM comes with an end-user GUI application called SafeCopy that works in conjunction with secRMM. The SafeCopy user interface mimics the standard Windows explorer program but only allows writing to removable media and adjusts what it displays to the end-user based on secRMM properties. Administrators can easily enable secRMM/SafeCopy to enforce a two man policy. A two man policy means at least 2 people must be involved for the removable media write operation to occur. The two man policy is a common operating procedure in many critical government and military situations. The secRMM/SafeCopy two man policy implementation allows administrators to monitor each operation the end-user takes while using the SafeCopy program. A check is made if an administrator tries to approve himself. This check will not allow the approval.
Removable Media device tracking - Watch the Video
If you configure secRMM so that your end-user must use secRMM SafeCopy to copy file(s) to removable media devices, secRMM puts a small signature onto the removable media device. This gives you the ability to see who the last user was to use a removable media device. This can be a powerful feature for lost or stolen removable media devices.
Transparent integration with hardware/software encryption technology
secRMM works seamlessly with hardware and software encryption technologies. In fact, secRMM generates the necessary security events required:
1. An event telling you that an encryption device has been plugged into the Windows computer (i.e. mounted)
2. An event telling you that the authorization to use the device has succeeded.
Encryption technology authorization is done using either software (i.e. a dialog asking for your password) or hardware using a push button key pad.
secRMM is designed as a light-weight security software product. What this means is that when secRMM does not need to be running, it enters into a quiescent state. The secRMM software will run only when a Removable Media device is plugged into the computer. This means that your end-users will not feel a performance impact from the secRMM software in their normal day-to-day computer work activities.
Tightly integrated with Microsoft Windows Operating System
secRMM was designed to fit into the most common security and monitoring scenarios. This means secRMM utilizes Microsoft best practices by utilizing core Windows Operating System components rather than writing a separate framework to monitor Removable Media devices. The benefit to this approach is that secRMM does not require a large learning curve or large setup period. It also means you can integrate secRMM into your existing security and monitoring strategies/implementations with very little work. secRMM uses the familiar Microsoft Management Console (MMC) as the User Interface (UI) to make secRMM configuration changes.
100% scriptable - Watch the Video
In addition to the MMC User Interface, secRMM can be controlled and configured using any Microsoft COM compatible scripting language (i.e. Powershell, VBScript, Jscript, Perl) as well as any .Net language.
Tightly integrated with Microsoft Active Directory - Watch the Video
secRMM takes advantage of Active Directory in two powerful ways. First, secRMM properties can be applied using Active Directory Group Policy. The Group Policy Editor has both a computer and user configuration security settings secRMM node. The user interface for the Group Policy Editor is identical to the secRMM user interface in the Computer Management MMC. This means secRMM security settings can be applied to the computer, a group of users and/or individual users. Secondly, secRMM can use Active Directory computer object and user object attributes within the secRMM properties (AllowedDirectories, AllowedSerialNumbers and AllowedUsers). This makes applying removable media security policies very easy to maintain and deploy.
Tightly integrated with Microsoft System Center - Watch the Video
Because secRMM does not use a proprietary framework to function, secRMM easily integrates into the system management tools used within any environment. Microsoft System Center is the dominant systems management tool on the market today. secRMM has integration with SCCM, SCOM and Orchestrator.
Tightly integrated with Microsoft Excel 2010 - Watch the Video
secRMM comes with an Excel 2010 AddIn that makes analysis, filtering and reporting very simple.
SecRMM is available with a choice of two different license modes:
1. Enterprise (per domain)
2. Individual - By computer
Comprehensive DLP program that is easy to implement
Easily integrates with most enterprise system management products
Prevents sensitive data from being copied to Removable Media by unauthorized personnel
Supports USB keys, USB hard drives, smartphones, CD/DVDs and SD cards
Flexible Right Management - Control access to directories by user and/or device
Provides audit logs of all data writes to removable media via Windows Security Event log and SecRMM event log
Can White list / Black list devices
Unauthorized devices are blocked from mounting and writing to the network
Security Policies enforced via Active Directory (GPO)
Individual and Enterprise licenses available
Executive overview - [1.20 min]
Installation Overview - [3.30 min]
Simple Demo - [6.48 min]
Enforceable Two Man Policy - [11.02 min]
Supports USB keys, USB hard drives, smartphones, CD/DVDs and SD cards
Supported Operating Systems:
Windows XP / Vista
Windows 7 and 8 (both 32 & 64 bit OS)
What are the ECCN and HST codes used for shipping this device outside the US?
Does secRMM monitor CDROM/DVDs?
What kind of performance penalty can I expect when secRMM is running? Will the write operations be significantly slower to the point of the user complaining?
What happens after the 14 day trial is over?
What is the best way to distribute the software?
Does secRMM monitor reads from Removable Media devices?
Does secRMM monitor internal hard drives?
How do I get my computer's Host Name for my software license?
Every Windows computer that runs secRMM will need a secRMM computer license file. The computer license file name will be the name of the Windows computer with a file extension of lic. For example, if there was a Windows computer named AcctingWrkSta1, the secRMM computer license file would be named AcctingWrkSta1.lic. The secRMM computer license file needs to reside in the secRMM installation directory (by default, \Program Files\secRMM).
To obtain the secRMM computer license files, you must contact Apricorn.
To get the name of the computer, you can echo the COMPUTERNAME environment variable. To do this, open a command window and type:
How do I license multiple computers on a single domain?
Every Windows computer that runs secRMM will need a secRMM enterprise license file. The enterprise license file name will be the name of your domain with a file extension of lic. For example, if your domain is named contoso, the secRMM enterprise license file would be named contoso.lic. The secRMM enterprise license file needs to reside in the secRMM installation directory (by default, \Program Files\secRMM). To obtain the secRMM enterprise license file, you must contact Apricorn.
The high-level sequence of events for secRMM enterprise licensing is summarized below:
1. Email your domain name to Apricorn.
2. We will email back to you a secRMM enterprise license file.
3. The enterprise license file gets copied into the secRMM installation directory on each computer with secRMM installed on it.
Creating the list of computers
If you are in a domain environment, you can run the VBscript named ListComputersInDomain.vbs. This script is in the secRMMDeployment.zip which you can download from Apricorn's web site. This script generates a list of computers from your Active Directory repository.
Be sure you read the comment header in ListComputersInDomain.vbs as you will need to change the domain name to be your domain name (on line 36). To run the script, open an elevated command window and type:
cscript //NoLogo ListComputersInDomain.vbs > MyComputers.txt
The output of this script (in the example above, it will be the file MyComputers.txt) is what you will email to Apricorn (see step 1 directly below).
The high-level sequence of events for secRMM computer licensing is summarized below:
1. Generate a list of all the computers in your environment that run secRMM.
2. Email the list generated in step 1 above to Apricorn.
3. We will email back to you a computer license file for every computer in the list.
4. The computer license file gets copied into the secRMM installation directory on each computer with secRMM installed on it.