Apricorn and Squadra Technologies have worked together to deliver enterprise security software that is a perfect companion to the Apricorn security storage devices. Combining Apricorn hardware with Squadra Technologies software is a cost-effective secure way to use removable media within your organization.
SecRMM is the only solution capable of providing source file names for write operations. It is the ONLY solution capable of providing detailed forensic data for explorer, cmd sessions, powershell, jscript, vbscript and all other processes involved in write operations. secRMM also provides compressed file inspection! Don't let hackers use scripting to steal your data!
Detailed forensic data for smart phones, tablets and removable media
secRMM monitors and collects very detailed forensic data about removable media write activities. This ensures that if a security incident does occur and removable media is involved, you will be able to understand the exact nature of the security incident. The level of detail collected by secRMM is what distinguishes secRMM from other products that attempt to provide similar functionality. Surprisingly, other competing solutions are not even able to report the files being copied from the local computer and/or network. Missing this important data makes the security forensic data incomplete and will make any security analysis exercise a guessing game. secRMM was developed to address requirements coming from the United States government and military organizations. This means secRMM ensures that removable media write activity is always predictable and the events are always captured to a nonrepudiation store (i.e. the Windows Security event log).
Useful yet simple authorization modules
secRMM provides a removable media authorization layer to prevent any removable media security incidents from ever occurring in the first place. Unlike other competing solutions, secRMM lets you control what files the end-user can copy from the local computer and network. The other authorization modules let you control removable media write activity based on userid, removable media serial number, removable media internal Ids (i.e. VIDs and/or PIDs) and the program used to perform the write operations to the removable media.
Prevent unauthorized devices from mounting
secRMM can prevent unauthorized devices from mounting to the Windows Operating System. The advantage of using this feature is that even though the device cannot be read from or written to, the device still receives power from the Windows computer. This allows your end-users to still charge their device (usually a smart phone or tablet) while keeping the data in your environment safe. A corresponding event is generated when this even occurs so you can even know who is charging their phone or tablet. This feature is available on the device serial number, the device VID/PID and for user ids.
Smart phone app for added security
For heightened security environments such as military and/or government, secRMM comes with a smart phone app that forces the end-user to login (authenticate) from the phone before the phone will appear as a USB storage device to Windows. Note that you are not required to use this feature; it is an optional security feature.
Enforceable two man policy - Watch the Video
secRMM comes with an end-user GUI application called SafeCopy that works in conjunction with secRMM. The SafeCopy user interface mimics the standard Windows explorer program but only allows writing to removable media and adjusts what it displays to the end-user based on secRMM properties. Administrators can easily enable secRMM/SafeCopy to enforce a two man policy. A two man policy means at least 2 people must be involved for the removable media write operation to occur. The two man policy is a common operating procedure in many critical government and military situations. The secRMM/SafeCopy two man policy implementation allows administrators to monitor each operation the end-user takes while using the SafeCopy program. A check is made if an administrator tries to approve himself. This check will not allow the approval.
Removable Media device tracking - Watch the Video
If you configure secRMM so that your end-user must use secRMM SafeCopy to copy file(s) to removable media devices, secRMM puts a small signature onto the removable media device. This gives you the ability to see who the last user was to use a removable media device. This can be a powerful feature for lost or stolen removable media devices.
Transparent integration with hardware/software encryption technology
secRMM works seamlessly with hardware and software encryption technologies. In fact, secRMM generates the necessary security events required:
1. An event telling you that an encryption device has been plugged into the Windows computer (i.e. mounted)
2. An event telling you that the authorization to use the device has succeeded.
Encryption technology authorization is done using either software (i.e. a dialog asking for your password) or hardware using a push button key pad.
secRMM is designed as a light-weight security software product. What this means is that when secRMM does not need to be running, it enters into a quiescent state. The secRMM software will run only when a Removable Media device is plugged into the computer. This means that your end-users will not feel a performance impact from the secRMM software in their normal day-to-day computer work activities.
Tightly integrated with Microsoft Windows Operating System
secRMM was designed to fit into the most common security and monitoring scenarios. This means secRMM utilizes Microsoft best practices by utilizing core Windows Operating System components rather than writing a separate framework to monitor Removable Media devices. The benefit to this approach is that secRMM does not require a large learning curve or large setup period. It also means you can integrate secRMM into your existing security and monitoring strategies/implementations with very little work. secRMM uses the familiar Microsoft Management Console (MMC) as the User Interface (UI) to make secRMM configuration changes.
100% scriptable - Watch the Video
In addition to the MMC User Interface, secRMM can be controlled and configured using any Microsoft COM compatible scripting language (i.e. Powershell, VBScript, Jscript, Perl) as well as any .Net language.
Tightly integrated with Microsoft Active Directory - Watch the Video
secRMM takes advantage of Active Directory in two powerful ways. First, secRMM properties can be applied using Active Directory Group Policy. The Group Policy Editor has both a computer and user configuration security settings secRMM node. The user interface for the Group Policy Editor is identical to the secRMM user interface in the Computer Management MMC. This means secRMM security settings can be applied to the computer, a group of users and/or individual users. Secondly, secRMM can use Active Directory computer object and user object attributes within the secRMM properties (AllowedDirectories, AllowedSerialNumbers and AllowedUsers). This makes applying removable media security policies very easy to maintain and deploy.
Tightly integrated with Microsoft System Center - Watch the Video
Because secRMM does not use a proprietary framework to function, secRMM easily integrates into the system management tools used within any environment. Microsoft System Center is the dominant systems management tool on the market today. secRMM has integration with SCCM, SCOM and Orchestrator.
Tightly integrated with Microsoft Excel 2010 - Watch the Video
secRMM comes with an Excel 2010 AddIn that makes analysis, filtering and reporting very simple.
SecRMM is available with a choice of two different license modes:
1. Enterprise (per domain)
2. Individual - By computer