& many more
and many more
Prevent the Use of Untrusted USB Drives
AccessPatrol USB blocking software gives you the features you need to ensure data protection against portable devices.
- Effortlessly block all peripheral devices that fall outside of your allowed devices lists
- Use the Allowed List to whitelist trusted devices for specific users
- Temporarily grant time-limited access to blocked devices using the Access Code Generator
Centralized Management for Scalable Device Control
AccessPatrol lets you implement device control policies from the convenience of a central web console.
Easily monitor removable devices and block/unblock ports for your entire workforce in just a few clicks.
- Granular Control: Control USB drives based on groups of users or computers
- AD Sync: Use Active Directory sync to import your existing organizational units
- Remote Devices: USB device control policies continue to apply even when endpoints disconnect from the network
Intuitive & Flexible USB
Protect sensitive data with AccessPatrol’s USB blocker. Block or limit the use of a USB port based on storage devices, wireless connectivity, communication ports, imaging devices, and other peripherals.
USB blocking policies can be uniquely configured for each user, endpoint, and department. This ensure that employee productivity is not hindered by the USB blocker.
- Easily block USBs, optical media, mobile devices, SD cards, and other removable media
- Disable wireless connections through Bluetooth devices, infrared, and WiFi
- Block employees from using scanners, printers, and cameras to steal sensitive data
Monitor USB Ports for Data Leakage to USB Drives
With AccessPatrol’s USB storage devices usage and data transfer monitoring features you can ensure compliance with your removable media policy.
- Investigate potential data security incidents with advanced insights into which parties transferred which files to what devices
- Understand what devices are being used such as firewire, Android/Apple phones, removable devices
- Improve your data theft prevention efforts with evidence of every data transfer to storage devices
Restrict File Transfers to Storage Devices
With AccessPatrol’s USB file transfer blocking feature you can prevent files from being transferred to portable storage devices based on their filename or extension.
- Allowed List: Limit what files can be transferred to storage devices based on file extensions and keywords in filenames
- Block File Transfers: Prevent file transfers between storage devices and PCs, even on trusted storage devices
- Renamed File Extension Blocking: AccessPatrol uses file signatures to detect the original file extension of a file, preventing users from renaming files to bypass your DLP policies
The Essential Role of a USB Blocker
USB DLP—Prevent Data Loss to Flash Drives
Even authorized external devices can pose a data loss risk if they are misused, lost, or stolen. The portability of removable storage devices makes it difficult to prevent users from losing them.
How to Prevent Data Loss to USB Drives With AccessPatrol:
- Limit the USB devices that can be used to a specific list of trusted devices
- Review the recent activity of missing USB devices to determine the last time it was used and what data was transferred to it
- Restrict the file types and filename keywords that can be transferred to portable storage devices
Monitor USB Activity to Collect Evidence of Data Transfers
Device control solutions provide insightful and easily accessible device usage reports.
These reports track USB activities such as:
- File operations to removable storage
- What USB devices are being used in the network
- The USB device access history of endpoints
- Which user was responsible for inserting unauthorized devices into a USB port
Having access to the usage history of USB devices is valuable for investigating data loss to unauthorized devices that have been plugged into USB ports in your network.
Prevent Data Theft to Insider Threats
Insider threats are a significant risk to data security. Employees have intimate access to corporate data, insider knowledge of the organization’s systems, and a level of trust that can allow them to steal data undetected.
- 70% of intellectual property data theft occurs within the 90 days before an employee’s resignation announcement
- 72% of CEOs admit they’ve taken valuable intellectual property (IP) from a former employer
- 50% of respondents in a Symantec survey say they have taken information, and 40% say they will use it in their new jobs
With AccessPatrol’s device control features you can prevent data loss to USB removable media devices and other high-risk peripherals.
Learn more: How to Keep Data Safe When Offboarding
Removable Media Policy
Download this data security policy template to prevent data leakage to USB flash drives and other removable storage devices.
- Set data security standards for portable storage
- Define the acceptable use of removable media
- Inform your users about their security responsibilities
AccessPatrol’s USB Data Loss Prevention Alerts, Reports, and Dashboards
AccessPatrol is more than a powerful USB blocker; it also monitors activity on USB ports so you can get advanced visibility into sensitive data leaks and high-risk activity on USB ports.
AccessPatrol’s email alerts, reports, and dashboards provide your organization with the USB monitoring tools it needs to protect data against insider threats.
Instantly notify designated people to high-risk activities and automate the distribution of data loss prevention reports for easy archiving and USB file operations monitoring.
USB Activity Alerts
Send AccessPatrol’s USB activity reports straight to your security team’s inbox when alerts are triggered
Customize thresholds to send email alerts based on suspicious USB connection history, file operations, or specific file types
Combine with AccessPatrol’s other USB control features to enforce your removable media device policy and improve your USB data loss prevention capabilities
USB File Operations Alerts
Protect sensitive data against theft by alerting security personnel when users copy data to USB drives and other removable media.
Configure file operations alerts based on file extensions (.exe, .zip, .msi, .xslx, .cad, etc) or file names to get alerted when these copied files are detected.
You can configure file operations alerts to trigger when:
- Files are created on USB drives
Files are transferred to USB drives
Files are deleted from USB drives
Files are saved as to USB drives
Files are renamed on USB drives
USB File Transfers Alerts
Get alerts when specific file types and file names are transferred to removable storage devices.
You can configure USB file activity alerts to trigger when:
A user commits and sort of file operation
- A user transfers specific file types
A user transfers files with pre-defined keywords in the file name
Removable Device Usage Alerts
With the Email Alerts by Devices feature you can trigger real-time alerts based on the peripheral device usage of your organization
You can configure USB connection history alerts to trigger when:
- A Specific device is used
- Any peripheral device is used
- An unknown device is used
- Any blocked or allowed device is used
How to Block USB Devices With AccessPatrol USB Blocker Software
- Open the CurrentWare Console
- Select the group(s) of computers or users you would like to control.
- Under the AccessPatrol tab, select Device Permissions then select the group of users or computers you would like to disable USB devices for.
- Under Storage Devices, select USB
- Under Access Permissions set the desired level of restriction (Full Access, Read Only, No Access)
- Click Apply and then click OK
Device Control Best Practices
Establish Administrative Safeguards for Removable Media
A holistic data loss prevention strategy requires more than just technical safeguards—it needs clear policies and procedures that employees must follow.
Examples of Administrative Safeguards:
- Security awareness training for employees
- Written policies and procedures
- Incident response plans
- Background checks
Appoint a Staff Member to Manage Device Control Policies
To prevent your network USB control policies from affecting productivity you need a designated member of staff that can enable USB ports to allow temporary device access on an as-needed basis.
AccessPatrol makes changing your USB security settings simple and intuitive:
- Use the Access Code Generator to provide temporary access to USB ports for a limited time
- Create device control policy groups to apply unique restrictions based on risk
- Easily add new trusted devices to the allow list in just a few clicks
- Optionally import your Active Directory organizational units to manage USB policies with your existing OUs
Establish a Removable Media Policy
A removable media policy is a type of information security policy that dictates the acceptable use of portable storage devices such as USB flash drives, external hard drives, and tape drives.
How restrictive your policies are will typically be based on the risk level of a given user. A user’s risk level will vary based on their role and their level of access to sensitive data.
For example, a healthcare employee that works with electronic health records (EHR) will have their device access more restricted than a marketing employee that needs to easily share content briefs with external parties.
Need a written removable media policy? Get writing tips and download our free template here.
Use Encryption to Protect Data on Removable Devices
Encryption is an essential component of data protection for USB flash drives.
Without enforced encryption a lost USB device can readily have its contents stolen and distributed to unauthorized parties.
To encrypt removable storage, Bitlocker-to-Go is a viable option for Windows systems, VeraCrypt can be used for MacOS/Windows/Linux, and FileVault can be used with MacOS.
To ensure consistently enforced encryption you can even purchase USB devices that include built-in hardware or software encryption.
Maintain an Inventory of Approved USB Devices
To prevent unauthorized use of personal removable storage devices you will need to block USB devices and selectively allow trusted devices.
For the best device control you must manage who can acquire authorized devices with administrative controls.
With a USB device inventory you can require users to sign out authorized peripherals as-needed and have them return the device at the end of the day.
Once returned you can use antivirus software to scan for malware, ensure that encryption is enabled on all removable storage, and wipe data from the peripherals.
Set USB Activity Alerts
AccessPatrol’s email alerts feature provides real-time security alerts of endpoint USB activities.
Device alerts can be configured to alert designated staff members in real-time when specific, unknown, allowed, or blocked peripherals are connected to a USB port.
File operations alerts will notify designated staff members in real-time when files are copied, created, deleted, or renamed on a USB storage device.