USB Control Software to Prevent Data Theft

AccessPatrol is a data loss prevention and USB control software to protect sensitive data against theft to portable storage devices.

Block USB devices and other peripherals to mitigate the threat of USB malware and data leakage.

Prevent Data Theft to USB Devices
Real Time USB Usage Alerts
Allow Only Authorized USB Devices
Block USB File Transfers

Trusted by 

Pepsi-Cola Logo
NASA Logo
AXA Logo
Panasonic logo
San Diego Padres logo

Monitor & Control USB Devices to
Secure Data Against Insider Threats

Granular control over USB device use and more

Protect sensitive data with AccessPatrol’s USB control solutions. Block or limit the use of storage devices, wireless connectivity, communication ports, imaging devices, and other peripherals. Policies can be uniquely configured for each user, endpoint, and department.

  • Easily block USBs, optical media, mobile devices, SD cards, and other removable media
  • Disable wireless connections through Bluetooth, infrared, and WiFi
  • Block employees from using scanners, printers, and cameras to steal sensitive data

Test drive the live demo

AccessPatrol USB file operations report with 15 different file operations listed.

Test drive the live demo

Monitor USB activity for suspicious
and high-risk behavior

AccessPatrol’s USB control features include a USB activity monitor for increased visibility into high-risk data transfers.

  • Receive real time email alerts when employees violate your endpoint security policies
  • Audit file operations reports to see files that have been copied, created, deleted, or renamed on removable media devices
  • Review USB activity logs to trace data breaches back to their source

Prevent the use of unauthorized portable storage hardware

AccessPatrol’s DLP solutions give you the USB device control features you need to protect sensitive data.

  • Effortlessly block all peripheral devices that fall outside of your allowed devices lists
  • Exempt USB devices used by tech support and other trusted users
  • Temporarily grant time-limited access to blocked devices using the Access Code Generator

Test drive the live demo

Try AccessPatrol for Free

Fully Functional. Easy to use. Install in minutes

Case Study

Viking Yachts Protects Sensitive Information From a Departing Employee

Viking Yachts logo

When it comes to data security, businesses are faced with a serious predicament: You want to show your employees that you trust them, but you also need to keep sensitive data safe from theft and misuse. 

The data security risks of offboarding employees simply cannot be understated. It’s been reported that 70% of intellectual property theft occurs within the 90 days before an employee’s resignation announcement. 

Without a USB device control application an organization has no way to monitor for and control these data security threats; data theft is as easy as users plugging in removable storage devices into USB ports and transferring the files.

Vincent  from Viking Yachts discovered this first hand when an employee in their company put in their 3-weeks notice. After Vincent audited the employee’s USB activity with AccessPatrol he found evidence of a large data transfer to a USB storage device coming from the employee’s account.

“I was asked to audit an employee that gave their 3-weeks notice. When I ran AccessPatrol’s reports I found that they were transferring a large amount of classified company files to take with them! If we didn’t have CurrentWare we would have never known what was going on.”

Once confronted with the evidence, the employee confessed to their crimes. The insights provided by AccessPatrol’s USB storage use reports were essential for capturing evidence of the attempted data theft. 

“CurrentWare saved us a lot of time and money. If we didn’t have AccessPatrol we would have never known what was going on. I cannot thank all of you enough for this software.”

Vincent Pecoreno

Network Administrator, Viking Yachts

USB Control & DLP Solutions to
Protect Against Insider Data Theft

Illustration depicting endpoint security by having two security guards standing in front of a computer

Removable Storage & USB Control

AccessPatrol’s DLP and device control features protect your computers against malicious peripherals and high-risk file transfers.

Illustration of a man on a laptop. There are icons of file folders behind him protected by a shield with a lock icon

Prevent USB Data Leakage

Improve data security with granular device control features. Control who can transfer data to USB devices and what devices they can transfer to.

Illustration depicting USB devices by showing a hand placing a file in a folder

USB File Transfer Visibility

Gain more insight into how employees are handling sensitive company data. Generate USB activity reports to investigate files that have been transferred or modified.

Illustration of a man on a laptop surrounded by gear icons

Granular USB Lockdown Policies

Set unique content blocking policies for each user, endpoint, and department in your organization. Have policies follow users in any computer they use.

Illustration of a man sitting in a chair operating a console

Centralized Device Control

All of CurrentWare’s endpoint security solutions operate from a convenient central console. Centrally monitor, manage, and block USB device access in your network.

Illustration of three employees framed by cogs

Remote Workers Compatible

Protect sensitive data no matter where your employees work. Our device control solutions continue to control USB permissions even after a device leaves your network.

Manage DLP & device control policies from a convenient central console

Screenshot of the central console of AccessPatrol endpoint security solutions

Starting at $2.99 USD per license/month

Flexible Deployment Options

Icon of a hard drive

On Premises

Easy to install. Everything stored on your own network.

Icon of globe with meridians. Four nodes extending from it

Remote Workers

Connect remote users with minimal configuration.

Icon of a server with a cloud behind it

Private Cloud

All the benefits of the cloud on a server of your choice.

Check out our great reviews on Capterra!

"This software helps us to achieve compliance with industry and government requirements."

- Matthew W, Project Manager
Mindrum Precision

"Endpoint security simple and easy and economical. All in one place!"

- Pankaj S, President
eRecords USA

Try AccessPatrol for Free

Fully Functional. Easy to use. Install in minutes

AccessPatrol’s USB Control & Data Protection Features

Block USB

Block USB

One click to block USB portable storage devices 

Block External Devices

Peripheral Control

Easily block DVDs, iPods, external hard drives and more

Device Permissions

Device Permissions

Set full access, read only or no access on storage devices

Allowed List

Allowed List

Allow specific storage devices to be used on your network

Reports

USB Activity Reports

Report on devices accessed or blocked on your network

Track File Transfers

Log USB File Transfer

Monitor files that are copied to USB storage devices

Deivce Access Code

Access Code Generator

Provide end users with temporary access to their devices

Email Alert

Email Alerts

Get alerts of unauthorized file transfers and device use

Email Report

Email Reports

Schedule device reports directly to your administrator's inbox

Block Phones

Block Phones

Prevent users from connecting phones to company computers

Block Files

Block File Transfers

Prevent restricted files from being transferred to portable storage

Stealth

Stealth Mode

AccessPatrol can run silently in the background or alert users 

Centralized Console

Central Web Console

Access the administrative console from a web browser on any computer in your network

Remote Client Install

Remote Client Install

Easily deploy the CurrentWare Client remotely to all of your  company computers

Offsite Management

Offsite Management

Extend onsite policies to endpoint devices running outside the corporate network

Centralized Console

SQL Server Supported

The included SQL database is scalable for enterprise and large business operations

The Essential Role of USB Device Control

Prevent Malware Infections From Rogue Removable Media Devices

Picture this: An employee finds a USB removable storage device in the parking lot. They debate keeping the USB device for themselves, but more than anything they are eager to find out what media is being stored on it.

Once they get to their workstation, they immediately plug the mysterious USB device into a USB port and start opening files. While they may not realize it yet, they’ve just fallen for a clever social engineering trick—a bad actor left malware on the USB flash drive before they planted it in your parking lot.

So, how could you prevent this malware exposure? For optimal protection you must establish port control policies that restrict the use of unauthorized devices on company endpoints.

With USB control solutions you can prevent your users from inserting a high-risk USB device into their USB ports. Rather than introducing malware to at-risk endpoints the mysterious USB flash drive can be brought to the IT department where it can be safely analyzed in an isolated sandbox.

Prevent Data Loss to Lost Flash Drives

Unauthorized USB devices aren’t the only danger. Even authorized USB devices can pose a data loss risk if they are misused, lost, or stolen.

The portability of removable storage devices makes it difficult to prevent users from losing them. A well-meaning employee could transfer sensitive media from your network to a USB drive with the intention of working remotely, only to find out that the device has gone missing.

To prevent data loss to authorized devices you need to combine the insights of USB device control software with administrative safeguards that prevent staff from taking removable devices off-site without encryption. If a signed out USB device goes missing you can review the recent activity of USB devices to determine the last time a given USB drive was used.

Collect Evidence of Data Transfers to Removable Storage

USB control solutions provide insightful and easily accessible device usage reports.

These reports track USB activities such as file operations to removable storage, what USB devices are being used in the network, the USB device access history of endpoints, and which user was responsible for inserting unauthorized devices into a USB port.

Having access to the usage history of USB devices is valuable for investigating unauthorized use of USB ports in your network and identifying the source of a data breach.

Prevent Data Theft to Malicious Insider Threats

Malicious insider threats are a significant risk to data security. Employees have intimate access to corporate data, insider knowledge of the organization’s systems, and a level of trust that can allow them to steal data undetected.

USB control is a critical component of a data loss prevention and insider threat management strategy. By disabling USB ports you can prevent unauthorized data transfers to USB removable media devices and other high-risk peripherals.

  • 70% of intellectual property theft occurs within the 90 days before an employee’s resignation announcement
  • 88% of IT workers have stated that they would take sensitive data with them if they were fired
  • 72% of CEOs admit they’ve taken valuable intellectual property (IP) from a former employer
  • 50% of respondents in a Symantec survey say they have taken information, and 40% say they will use it in their new jobs

Learn More: How to Keep Data Safe When Offboarding

Man uploading files to the cloud

“AccessPatrol has put all of our data security fears to rest with a simple, cost-effective and efficient solution.”

Han Lee

Senior Business Development Manager, Tamice Group

CASE STUDY

First Choice Health protects their patients’ information with USB control software

“We never have to worry about what may happen when someone plugs a device into one of our machines. AccessPatrol has made our lives easy. We just set it, forget it, and it works!”

Stethoscope on top of a report

Device Control Best Practices

Establish Administrative Safeguards for Removable Drives

Data protection requires more than device control software; it needs the support of complimentary safeguards. Data protection requires more than device control software; it needs the support of complimentary safeguards. 

Your device control administrative safeguards should include policies that define what authorized devices are allowed, the encryption and antivirus procedures for peripherals, what classifications of data are permitted on removable devices, and physical security requirements for flash drives.

illustration of a woman selecting their team members

Appoint an IT Staff Member to Manage Device Control Policies

When you create device control policies there will be occasions where staff members require adjustments to their USB device access.

To prevent your network USB control policies from affecting productivity you need a designated security professional that can securely enable USB ports to allow temporary device access.

With AccessPatrol’s Access Code Generator your IT admins can temporarily enable USB ports for a limited period of time.

Create Device Control Policies Based on Risk

How restrictive your USB device control policies are must be based on the risk level of a given user. A user’s risk level will vary based on their role and their level of access to sensitive data.

For example, a healthcare employee that works with electronic health records (EHR) will have their device access more restricted than a marketing employee that needs to easily share content briefs with external parties.

To make granular device control policies easier to manage you can integrate AccessPatrol with your existing Active Directory organizational units.

Use Encryption to Protect Data on Removable Devices

Encryption is an essential component of data protection for USB flash drives. Without encryption a lost USB device can readily have its contents stolen and distributed to unauthorized parties.

To encrypt removable storage, Bitlocker-to-Go is a viable option for Windows systems, VeraCrypt can be used for MacOS/Windows/Linux, and FileVault can be used with MacOS.

To ensure consistent encryption you can even purchase USB devices that include built-in hardware encryption.

illustration of a secure endpoint computer

Maintain an Inventory of Approved USB Devices

To prevent unauthorized use of personal removable storage devices you will need to block USB devices and selectively allow trusted devices. For greater protection you must manage who can acquire authorized devices with administrative controls.

With a USB device inventory you can require users to sign out authorized peripherals as-needed and have them return the device at the end of the day. Once returned you can use antivirus software to scan for malware, ensure that encryption is enabled on all removable storage, and wipe data from the peripherals.

Man uploading files to the cloud

Configure Real Time Alerts & Audit Removable Storage Activity

AccessPatrol’s email alerts feature provides real-time alerts of endpoint USB activities. FOr optimal protection, regulated industries should consider setting up device alerts or reviewing network USB activity reports at the end of each shift.

Device alerts can be configured to alert designated staff members in real-time when specific, unknown, allowed, or blocked peripherals are connected to a USB port.

File operations alerts will notify designated staff members in real-time when files are copied, created, deleted, or renamed on a USB storage device.

Man uploading files to the cloud

“With AccessPatrol, we’re certain we’re meeting today’s cybersecurity standards whilst maintaining immediate, reliant access to patient records so we can keep delivering a high-quality service to our clients.”

Nicholas Scheetz

IT Service Desk Supervisor, First Choice Health

Try AccessPatrol for Free

Fully Functional. Easy to use. Install in minutes

AccessPatrol Device Control Software FAQ

Can I Set Unique Device Restrictions for Different Computers or Users?

Yes. With AccessPatrol’s USB control features you can block or allow USB devices and other peripherals for each computer, user, department, or other organizational unit (OU) in your company. 

To do this, AccessPatrol’s management console allows you to create group folders with separate policies. This feature is perfect to control USB devices for most employees while still providing access for trusted administrators that need unrestricted access.

You can also use the access code generator to temporarily grant access to all peripherals or use the device scheduler to automatically allow/block USB devices at specific times.

Are There Any Limits to the Free Trial?

The free trial of our USB device control software is fully functional. You can deploy it on up to 10 computers for 14 days. If you need more time or more computers to properly evaluate AccessPatrol in your network, reach out to our support team.

Who Uses This USB Control Software?

CurrentWare has a global client base across a variety of industries including government, healthcare, finance, nonprofit, and manufacturing.

CurrentWare’s customers use our computer monitoring, web filtering, and USB device control solutions to protect their business against time theft, data leakage, and web-based threats.

Read our data loss prevention and device control software customer case studies to learn more.

Can I Block Specific File Types from Being Transferred via USB Ports?

Yes. AccessPatrol can prevent your end-users from copying specific files to a USB device. These USB file transfer restrictions can be configured based on the file name or file extension.

The data transfer blocking feature can also be used on devices that are on the allowed list. This lets you provide access to company-authorized USB devices while still protecting the sensitive data in your network against exfiltration to portable storage hardware.

Does Currentware Have Access to Employee Data?

No. CurrentWare’s software solutions do not send your user’s device usage data to CurrentWare. They are installed and managed by your organization.

All of the data collected by CurrentWare’s monitoring software is stored on a database that is installed in a data center in your organization’s network or on a virtual machine provided by a cloud service provider of your choice.

For more information please refer to our Terms of Service

Is This a Cloud Solution?

No, our USB control and endpoint security solutions are not cloud-native. At this time AccessPatrol will continue to be offered for on-premises deployments, however, you can install CurrentWare’s software on a cloud platform of your choice with our Self-Hosted Cloud Option.

CurrentWare will not have access to your employee’s data. All of the data collected by CurrentWare’s employee monitoring and endpoint security solutions are stored on a database that is fully controlled and managed by your organization. For more information please refer to our Terms of Service

Can I Restrict USB Devices and Monitor USB Activities in Citrix, Remote Desktop, and/or Windows Terminal Server Environments?

Yes. CurrentWare is a certified Citrix Ready Partner. The CurrentWare Suite (AccessPatrol, BrowseControl, BrowseReporter, and enPowerManager) is supported on desktop computers, virtual machines (VMs), and servers running modern versions of the Windows operating system.

You can install the CurrentWare Clients on your Citrix Workspace running Windows. In addition, all CurrentWare components are compatible with Remote Desktop Services (RDS) or Terminal Servers (TS).

When controlling peripheral devices in Citrix with CurrentWare you can block devices on PC Mode to restrict the individual virtual machine or on User Mode to restrict devices for specific users across multiple devices and/or virtual machines.

Monitoring and managing your end-users with CurrentWare in a Terminal Services environment works similarly. The exception is that in a Terminal Server/Terminal Services environment the server will be registered as an individual endpoint; to apply granular policies for each user, department, or Organizational Unit you will need to use User Mode.

Learn More:
CurrentWare for Remote Desktop & Terminal Server

CurrentWare for Citrix Activity Monitoring

CurrentWare System Requirements

Which Devices Can I Control With AccessPatrol?

In addition to USB device control, AccessPatrol allows you to control the following peripheral devices on your users’ computers.

Devices You Can Control Device Access Permissions
USB Full / Read only / No access
DVD /CD Full / Read only / No access
Floppy Full / Read only / No access
Tape Full / Read only / No access
External Hard drive Full / Read only / No access
Firewire Full / Read only / No access
SD Card Full / Read only / No access
MM Card Full / Read only / No access
Bluetooth Full / No access
Infrared Full / No access
Wifi Full / No access
Serial Full / No access
Parallel Full / No access
Scanners Full / No access
Cameras, Webcams & Others Full / No access
Printers Full / No access
USB Ethernet Adapter Full / No access
Sound Cards Full / No access
Portable Devices (iPhones, Mobile Devices) Full / No access
Network Share Full / No access

Learn More:
USB control with AccessPatrol

Can I Use AccessPatrol for My Remote Team?

Yes. CurrentWare’s endpoint protection software solutions support a variety of deployment options that allow you to control USB devices no matter where your employees work.

To learn more about increasing the security of remote workers with our endpoint security solutions, visit this article: How to Set Up Device Control Software for Remote Teams

Will My Employees Know Their Devices Are Being Monitored?

As with any CurrentWare Suite product, your organization is in control of how visible the endpoint security solutions are.

AccessPatrol does not disclose when its USB activity monitoring feature is active. When your employees attempt to use an unauthorized USB device they can be presented with an optional warning message.

The CurrentWare software client that is used by our USB device control software operates in stealth mode by default.

In stealth mode, the CurrentWare software client is not visible in the system tray or control panel of the employee’s computer. Your employee will not be able to uninstall the program or stop it without administrator privileges.

If you would like your employees to be aware that they are being monitored, you can choose to show the CurrentWare software client in their system tray by enabling it in the client software settings.

If you would like to disable monitoring altogether, visit this article: How Do I Disable AccessPatrol’s Device Tracking?

How Can I Get Started With USB Protection in my Network?

  1. Download & Install AccessPatrol
    Download the files for your free device control software trial. On the administrator’s computer, run CurrentWare.exe to begin the installation of the endpoint security solutions.
  2. Deploy the Software Clients
    Deploy the CurrentWare software client (cwClientSetup.exe) on all the computers you want to control with our endpoint security solutions. You can deploy the software client with a local install or by using Active Directory, SCCM, or our built-in remote deployment tool.
  3. Monitor Your Employees & Restrict USB Devices
    After the installation, you will see all of your employee’s computers on the CurrentWare Console. From this console, you can run detailed reports on all of your employees’ USB device activities and use AccessPatrol’s USB device control features to protect data against insider security threats.

Try AccessPatrol for Free

Fully Functional. Easy to use. Install in minutes

System Requirements

Compatible on Windows 7/8/10
& Server 2008/2012/2016/2019

How to Order
Orders may be placed online, by phone, by fax or by e-mail. We accept purchase orders, major credit cards, PayPal and payments by check.