A group of people analyzing a series of graphs
CurrentWare awarded 'Easiest to Do Business With' by G2, fall 2024
CurrentWare received Capterra's 2024 shortlist award
CurrentWare is certified Citrix Ready

ISO 27001 Compliance Software

Ensure that your ISMS is aligned with information security best practices with CurrentWare’s critical endpoint security and DLP controls

  • Control Removable Media & Other Peripherals
    Prevent the unauthorized use of high-risk wireless and peripheral devices
  • Endpoint Security Controls for Defense-in-Depth
    Minimize the attack surface of endpoints to protect sensitive data
  • Insider Threat Prevention
    Mitigate the risks of insider threats with advanced awareness and control
Book a Demo
Explore Compliance
CurrentWare is verified Citrix Ready
CurrentWare awarded 'Easiest to Do Business With' by G2, fall 2024
CurrentWare received Capterra's 2024 shortlist award

Trusted by

Cushing Terrell Logo
Veterans Evaluation Services logo
Morris, Manning, and Martin LLP Logo
Viking Yachts Logo

& many more

Trusted by

Cushing Terrell Logo
Viking Yachts Logo
Bristol Health logo

& many more

ISO 27001 & ISO 27002 Compliance Requirements
You Can Address With CurrentWare

ISO 27001
ISO 27001
ISO 27002
ISO 27002
ISO 27001
ISO 27001
ISO 27001 Control CurrentWare Modules & Features

ISO 27001:2022 Controls:

  • 7.10 Storage media
  • A.8.12 Data Leakage Prevention
  • 8.16 Monitoring activities
  • 6.3 Information Security Awareness, Education, and Training

ISO 27001:2013 Controls:

Annex A.8.3 — Media Handling
A.8.3.1 Management of Removable Media

 

Annex A.8.3 is about media handling. The objective in this Annex is to prevent unauthorized disclosure, modification, removal or destruction of information stored on media.

 

AccessPatrol

  • Prevent the use of unauthorized removable media devices
  • Restrict file transfers to removable media devices
  • Get alerts when unknown or blocked removable media is inserted into managed endpoints
  • Monitor removable media activity for security policy violations
  • Maintain an audit trail of every removable media device that is inserted into managed endpoints
  • Maintain an audit trail of file operations executed from portable storage devices
  • Display a custom warning message when your users’ insert removable media devices into their computers
  • Track file transfers to portable storage, cloud services, apps, and more

ISO 27001:2022 Controls:

  • 8.15 Logging
  • 8.16 Monitoring activities
  • 8.19 Installation of Software on Operational Systems

ISO 27001:2013 Controls:

Annex A.12.1 — Operations Security

A.12.4 — Logging and Monitoring
A.12.6.2 Restrictions on Software Installation

Annex A.12.1 is about Operational Procedures and Responsibilities. The objective of A.12.1 is to ensure the secure operation of information processing facilities.

Annex A.12.4 is about logging and monitoring. The objective in this Annex A area is to record events and generate evidence.

 

AccessPatrol

  • Get alerts when unknown or blocked removable media is inserted into managed endpoints
  • Monitor removable media activity for security policy violations
  • Maintain an audit trail of every removable media device that is inserted into managed endpoints
  • Maintain an audit trail of file operations executed from portable storage devices

BrowseControl

  • Prevent employees from launching specific Windows applications

BrowseReporter

  • Monitor application usage to detect unauthorized software (shadow IT)
  • Maintain a log of each website visited and application used

enPowerManager

  • Maintain a log of user logon and logoff times
  • Maintain a log of PC power events (startup, shutdown, sleep)
ISO 27002
ISO 27002
ISO 27002 Control CurrentWare Modules & Features

8.12 Data Leakage Prevention (DLP)

ISO 27002 control 8.12 modifies risk by implementing technical measures that proactively detect and prevent the disclosure and/or extraction of information.

AccessPatrol

  • Block data transfers to portable storage devices to prevent data leakage
  • Maintain a log of each removable media device used
  • Get alerts of attempts to use unauthorized removable media devices
  • Maintain an audit trail of every file operation to removable media devices

BrowseControl

  • Disable unneeded TCP/UDP ports at the endpoint level to reduce the attack surface of ICT systems
  • Prevent users from launching applications that are known to be a risk to sensitive data such as cloud storage apps
  • Restrict browser access to authorized websites and intranet portals to prevent the introduction of malicious code from high-risk websites
  • Block known malicious domains and internet-based data egress points such as cloud storage sites with predefined web content categories

BrowseReporter

  • Get alerts when users attempt to visit known high-risk websites
  • Monitor user computer activity for high-risk web browsing or app usage

Learn More: CurrentWare’s data loss prevention solutions

    8.16 Monitoring Activities

    ISO 27002 Control 8.16 modifies risk by optimizing monitoring activities to identify anomalous behavior and assists in the prompt analysis of information security events and incidents.

    AccessPatrol

    • Maintain a log of each removable media device used
    • Get alerts of attempts to use unauthorized removable media devices
    • Maintain an audit trail of every file operation to removable media devices

    BrowseReporter

    • Get alerts when users attempt to visit known high-risk websites
    • Monitor user computer activity for high-risk web browsing or app usage
    • Collect historical data to establish a baseline of what is considered normal user activity
    • Monitor web browsing and application usage for attempts to access business critical ICT resources

    enPowerManager

    • Maintain a log of user logon and logoff times
    • Maintain a log of PC power events (startup, shutdown, sleep)

    8.22 Web Filtering

    If employees visit websites that contain viruses, phishing materials, or other types of illegal information, this may expose corporate networks and information systems to security risks.

    With BrowseControl you can restrict the websites that employees can access to mitigate the risk of malicious sites.

     

    BrowseControl

    • Restrict internet access to only authorized websites
    • Block millions of known malicious and high-risk domains across 100+ predefined web content categories
    • Block network ports to reduce the attack surface of your endpoints

     

    CASE STUDY

    Viking Yachts Stops Departing Employee From Stealing Intellectual Property

    CurrentWare saved us a lot of time and money. If we didn’t have them we would have never known what was going on. I cannot thank them enough for this software; being able to audit removable drives is invaluable.

    Read Their Story
    Tennessee College of Applied Technology

    See What Our Customers Have to Say

    The reports are very easy to understand and the fact that they can be emailed to you on a schedule is amazing, and have made finding productivity killers VERY easy. Customer support has been fantastic every time I've had to reach out to them; I highly recommend them!

    Kristen S, Associate IT Director
    The Coding Network, 700+ Employees

    As a 'novice' I was able to set up with help from support in about an hour. Previous software took forever and didn't work as advertised. This software worked right out of the box.

    Dr. Gerard B, Office Manager
    Medical Practice, 2-10 Employees

    In my nearly 40 years in the IT business I’ve worked with a lot of support teams. I really appreciate CurrentWare going the extra mile to help me get the most out of the product. They’ve definitely outweighed any of the other competitors that I’ve looked at.

    J.S, Managed Services Provider
    Vehicle Dealership, 150-200 Employees

    We have experienced data leaks by dishonest employees in the past and [CurrentWare's] AccessPatrol has helped us avoid them and work with greater security and peace of mind for us and our customers.

    Julio V, Head of Information Technology
    Financial Services Industry, 10,001+ employees

    More CurrentWare Reviews & Case Studies
    Free removable media policy template from CurrentWare

    FREE DOWNLOAD
    Removable Media Policy Template 

    Download this data security policy template to prevent data leakage to USB flash drives and other removable storage devices.

    • Set data security standards for portable storage
    • Define the acceptable use of removable media
    • Inform your users about their security responsibilities
    Get Your FREE Template

    CurrentWare's Key Features

    Internet Off

    User Activity Monitoring

    Track web browsing, software use, search queries, and more

    Learn More
    Remote Screen Capture

    Screenshot Monitoring

    Take automatic screenshots or remotely view desktops

    Learn More
    Application Blocker

    Track Software Usage

    Get insights into software usage trends in your organization

    Learn More
    Stealth

    Transparent & Stealth Modes

    Run silently in the background or provide notice of monitoring

    Learn More
    Block USB

    Block USB & Other Devices

    Set full access, read only or no access on storage devices

    Learn More
    Allowed List

    Device Whitelist

    Allow only authorized storage devices to be used

    Learn More
    Block Files

    Block File Transfers

    Prevent files from being transferred to portable storage

    Learn More
    Reports

    DLP Activity Reports

    Track file transfers, storage device use, file operations, and more

    Learn More
    Internet Off

    Block Websites

    Block websites based on
    URLs & content categories

    Learn More
    Download Filter
    Block Downloads/Uploads

    Prevent uploading and downloading based on file type

    Learn More
    Application Blocker
    Application Blacklisting

    Block specific Windows
    applications from launching

    Learn More
    Internet Off

    PC Power Management

    Remotely track and control PC power states

    Learn More
    Internet Off

    Central Web Console

    Save time with a central admin console; optionally integrate Active
    Directory OUs or security groups

    Learn More
    Internet Off

    Platform Security

    Protect your CurrentWare console
    with 2FA, passwords, privilege
    management, and more

    Learn More
    Internet Off

    Offsite Management

    Extend onsite security policies to computers running outside the corporate network

    Learn More
    Internet Off

    SQL Server Supported

    Database scaled for enterprise and
    large business operations using
    Microsoft SQL Server

    Learn More
    CurrentWare

    Get Started Today
    With a Free Trial

    Fully functional. Easy to use. $5 USD user/month

    Try for Free
    Contact Sales

    Learn How to Meet These Compliance Requirements With CurrentWare

    NERC CIP

    Protect TCAs & BCSI From Insider Threats

    Learn More

    ISO 27001

    Increase the Maturity of Your ISO27K ISMS

    Learn More

    NIST logo

    NIST 800-171/53

    Protect Controlled Unclassified Information

    Learn More

    CIPA for Education

    Qualify for the FCC’s
    E-Rate Program

    Learn More

    Cyber Essentials

    Critical Security Controls For Your Assessment

    Learn More

    Cybersecurity Maturity Model Certification CMMC Logo

    CMMC

    Protect CUI to qualify for DoD contracts

    Learn More

    Meet ISO 27001 Compliance With CurrentWare

    Get Your Free Trial

    Frequently Asked Questions

    What is ISO 27001 compliance software?

    ISO 27001 compliance software helps organizations meet information security standards by enforcing access controls, logging user activity, and managing IT usage policies. Tools like CurrentWare support ISO 27001 compliance by simplifying audits, maintaining traceability, and protecting sensitive data from unauthorized access. Its suite, BrowseReporter, AccessPatrol, and BrowseControl, helps enforce Annex A controls such as A.9 (Access Control) and A.12 (Operations Security).

    What are the ISO 27001 logging requirements?

    ISO 27001 requires organizations to log user activity to ensure traceability, support forensic investigations, and respond to incidents. This includes login/logout activity, system events, and access to sensitive systems. CurrentWare’s BrowseReporter and AccessPatrol automatically capture these logs across all endpoints, supporting Annex A.12.4.

    What features should ISO 27001 compliance software include?

    Key features include:

    • User activity logging (BrowseReporter)
    • Access control (BrowseControl for internet, AccessPatrol for USB/devices)
    • Policy enforcement & reporting
    • Audit trail generation
    • Real-time visibility & alerts

    CurrentWare’s suite covers all these, making it a practical choice for achieving and maintaining ISO 27001 compliance.

    Can CurrentWare help with ISO 27001 compliance?

    Yes. CurrentWare supports ISO 27001 compliance with a comprehensive suite for logging, monitoring, and access control. Its endpoint tools work across both on-site and remote environments, ensuring continuous enforcement of compliance policies. Features like USB control, web filtering, and user activity tracking help fulfill ISO 27001’s technical controls and streamline audit preparation.

    How does employee monitoring support ISO 27001 compliance?

    Employee monitoring supports ISO 27001 by fulfilling the need for activity logging, user accountability, and policy enforcement. With BrowseReporter, organizations can track web activity, application usage, and user behavior to detect anomalies and generate audit-ready reports. This helps meet Annex A controls, including A.12.4 (Logging and Monitoring) and A.16.1 (Incident Management).

    Why is access control important for ISO 27001?

    Access control is critical for protecting information and systems based on roles and responsibilities. ISO 27001 Annex A.9 requires organizations to restrict access to authorized users only. CurrentWare supports this with:

    • AccessPatrol: Device control (e.g., blocking USBs)
    • BrowseControl: Web access restrictions
    • User-based policy enforcement: Tailored controls by group, department, or location
    How can I prepare for an ISO 27001 audit?

    Preparation involves enforcing clear security policies, documenting user activity, and generating detailed logs. With CurrentWare, organizations can:

    • Monitor and log endpoint usage
    • Restrict access to sensitive systems
    • Export audit-ready reports

    These capabilities help demonstrate compliance with ISO 27001 Annex A controls like A.6 (Organization of Information Security), A.9 (Access Control), and A.12 (Operations Security).

    How does CurrentWare support ISO 27001 compliance for remote and hybrid teams?

    CurrentWare works seamlessly across on-premise, remote, and hybrid work environments. With agent-based software and centralized management, administrators can enforce security policies, log remote user activity, and generate compliance reports. This helps maintain ISO 27001 compliance regardless of where employees work, especially relevant for Annex A.6 and A.9 controls.