NERC CIP Compliance Software

Protect sensitive BSCI with the robust data loss prevention, endpoint security, and user activity monitoring features in the CurrentWare Suite.

  • Control Removable Media & Other Peripherals
    Prevent the unauthorized use of high-risk wireless and peripheral devices
  • Endpoint Security Controls for Defense-in-Depth
    Minimize the attack surface of endpoints in BES Cyber Systems
  • Protect Transient Cyber Assets
    Monitor and control Windows-based TCAs to limit cybersecurity risks

Trusted by

Cushing Terrell Logo
HBCS Revenue Cycle Logo
HBCS Revenue Cycle Logo
Morris, Manning, and Martin LLP Logo
Viking Yachts Logo

& many more

Trusted by

HBCS Revenue Cycle Logo
VES Veteran Evaluation Services Logo
Viking Yachts Logo

& many more

NERC CIP Compliance Requirements You Can Address With CurrentWare

NERC CIP-003-8 — Security Management Controls

The purpose of NERC CIP-003-8 is to specify consistent and sustainable security management controls that establish responsibility and accountability to protect BES Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES).

CurrentWare’s NERC CIP compliance solutions provide several security controls to mitigate the risk of introducing malicious code to BES Cyber Systems through the use of Transient Cyber Assets or Removable Media.

Requirement CurrentWare Modules & Features

Cyber Security Awareness
CIP-003-8 R1 (1.2.1)

 

Each Responsible Entity shall reinforce, at least once every 15 calendar months, cyber security practices.

BrowseReporter

  • Get alerts when users attempt to visit high-risk websites
  • Monitor user computer activity for high-risk web browsing or app usage
  • Phishing awareness training

AccessPatrol

  • Get alerts when unknown or blocked removable media is inserted into endpoints within BES Cyber System(s)
  • Monitor removable media activity for security policy violations

Cyber Security Incident Response
CIP-003-8 R1 (1.2.4)

 

Each Responsible Entity shall have one or more Cyber Security Incident response plan(s), either by asset or group of assets, which shall include identification, classification, and response to Cyber Security Incidents

BrowseReporter

  • Get alerts when users attempt to visit known high-risk websites
  • Monitor user computer activity for high-risk web browsing or app usage

AccessPatrol

  • Get alerts when unknown or blocked removable media is inserted into endpoints within BES Cyber System(s)
  • Monitor removable media activity for cyber security incidents such as illicit transfers of BCSI

Transient Cyber Asset and Removable Media Malicious Code Risk Mitigation
CIP-003-8 R1 (1.2.5)

 

Each Responsible Entity shall implement, except under CIP Exceptional Circumstances, one or more plan(s) to achieve the objective of mitigating the risk of the introduction of malicious code to low impact BES Cyber Systems through the use of Transient Cyber Assets or Removable Media.

AccessPatrol

  • Block unauthorized removable media devices to mitigate the risk of employees and contractors introducing malicious code
  • Lock down removable media virus scanning machines (“Sheep Dip”) by disabling Bluetooth, USB Network Adapters, Network Drives, and WiFi hardware when not explicitly required
  • Maintain a log of each removable media device introduced to BES Cyber Systems and Transient Cyber Assets
  • Maintain a log of all file operations to and from removable media devices introduced to BES Cyber Systems and Transient Cyber Assets

BrowseControl

  • Lock down removable media virus scanning machines (“Sheep Dip”) by blocking TCP/UDP network ports and internet access over web browsers
  • Restrict browser access to authorized websites and intranet portals to prevent the introduction of malicious code from high-risk websites
  • Close unused network ports at the endpoint level to reduce the attack surface of Transient Cyber Assets

NERC CIP-007-6 — System Security Management

The purpose of NERC CIP-007-6 is to manage system security by specifying select technical, operational, and procedural requirements in support of protecting BES Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES).

CurrentWare’s NERC CIP compliance solutions complement your Electronic Security Perimeter with technical security controls that protect against the use of unnecessary ports and removable media on managed endpoints.

Easily lock down Transient Cyber Assets used by field workers to protect BES Cyber Systems against insider threats and malicious activity.

Requirement CurrentWare Modules & Features

Table R1– Ports and Services
CIP-007-6 R1 (1.1)

 

Where technically feasible, enable only logical network accessible ports that have been determined to be needed by the Responsible Entity, including port ranges or services where needed to handle dynamic ports. 

BrowseControl

  • Disable unneeded TCP/UDP ports at the endpoint level to reduce the attack surface of Transient Cyber Assets
  • Restrict browser access to authorized websites and intranet portals to prevent the introduction of malicious code from high-risk websites

Table R1– Ports and Services
CIP-007-6 R1 (1.2)

 

Protect against the use of unnecessary physical input/output ports used for
network connectivity, console
commands, or Removable Media

AccessPatrol

  • Block a variety of peripherals including removable media devices, wireless devices, and serial/parallel communication ports.
  • Lock down endpoints by disabling Bluetooth, USB Network Adapters, Network Drives, and WiFi hardware when not explicitly required
  • Maintain a log of each removable media device introduced to BES Cyber Systems and Transient Cyber Assets

Learn More: Which devices can I control with AccessPatrol?

Table R3 – Malicious Code Prevention
CIP-007-6 R3 (3.1)

 

Deploy method(s) to deter, detect, or
prevent malicious code.

AccessPatrol

  • Block unauthorized removable media devices to mitigate the risk of employees and contractors introducing malicious code
  • Lock down removable media virus scanning machines (“Sheep Dip”) by disabling Bluetooth, USB Network Adapters, Network Drives, and WiFi hardware when not explicitly required
  • Maintain a log of each removable media device introduced to BES Cyber Systems and Transient Cyber Assets
  • Get alerts of attempts to use unauthorized removable media devices

BrowseControl

  • Disable unneeded TCP/UDP ports at the endpoint level to reduce the attack surface of Transient Cyber Assets
  • Restrict browser access to authorized websites and intranet portals to prevent the introduction of malicious code from high-risk websites
  • Block known malicious domains with predefined web content categories

BrowseReporter

  • Get alerts when users attempt to visit known high-risk websites
  • Monitor user computer activity for high-risk web browsing or app usage

Learn More: CurrentWare’s endpoint security solutions

 

Table R4 – Security Event Monitoring
CIP-007-6 R4 (4.1.1; 4.2; 4.4)

 

Log events at the BES Cyber System
level (per BES Cyber System capability)
or at the Cyber Asset level (per Cyber
Asset capability) for identification of,
and after-the-fact investigations of,
Cyber Security Incidents that includes, as a minimum, each of the following
types of events:

4.1.1. Detected successful login
attempts;

4.1.2. Detected failed access
attempts and failed login
attempts;

4.1.3. Detected malicious code.

──

4.2

Generate alerts for security events that the Responsible Entity determines necessitates an alert.

──

4.4

Review a summarization or sampling of logged events as determined by the Responsible Entity at intervals no greater than 15 calendar days to identify undetected Cyber Security Incidents.

enPowerManager

  • Maintain a log of each successful login attempts including timestamps and duration of each logon event

AccessPatrol

  • Maintain a log of each removable media device introduced to BES Cyber Systems and Transient Cyber Assets
  • Get alerts of attempts to use unauthorized removable media devices
  • Get alerts when specific file operations occur such as attempts to transfer files with extensions associated with BCSI
  • Automate the sending of user activity reports to designated email addresses at a set schedule

BrowseReporter

  • Get alerts when users attempt to visit known high-risk websites
  • Monitor user computer activity for high-risk web browsing or app usage
  • Automate the sending of user activity reports to designated email addresses at a set schedule

CurrentWare Web Console

  • CurrentWare admin activity logs provide details of configuration changes to monitor for malicious or negligent admin activity within the CurrentWare Suite

Table R4 – Security Event Monitoring
CIP-007-6 R4 (4.3)

 

Where technically feasible, retain applicable event logs identified in Part 4.1 for at least the last 90 consecutive calendar days except under CIP Exceptional Circumstances.

  • The CurrentWare Suite is hosted and managed by your organization, giving you full control over data retention.
  • Using the Auto Delete Scheduler you can automate the deletion of historical user activity data after 90+ days

NERC CIP-010-4 — Configuration Change Management and Vulnerability Assessments

The purpose of NERC CIP-010-4 is to prevent and detect unauthorized changes to BES Cyber Systems by specifying configuration change management and vulnerability assessment requirements in support of protecting BES Cyber Systems from compromise that could lead to misoperation or instability in the Bulk Electric System (BES). | Learn More

CurrentWare’s NERC CIP compliance solutions provide critical insights into what computer applications are being used in BES Cyber Systems, allowing you to detect and investigate unauthorized software that could pose a security risk.

Requirement CurrentWare Modules & Features

Table R2 – Configuration Monitoring
CIP-010-4 R2 (2.1)

 

Monitor at least once every 35 calendar days for changes to the baseline configuration. Document and investigate detected unauthorized changes.

BrowseReporter

  • Monitor user computer activity for the use of shadow IT and other unauthorized software
  • Automate the sending of user activity reports to designated email addresses at a set schedule

CurrentWare Web Console

  • CurrentWare admin activity logs provide details of configuration changes to monitor for malicious or negligent admin activity within the CurrentWare Suite

 

NERC CIP-011-3 — Cyber Security — Information Protection

The purpose of NERC CIP-011-3 is to prevent unauthorized access to BES Cyber System Information (BCSI) by specifying information protection requirements in support of protecting BES Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES). | Learn More

CurrentWare’s NERC CIP compliance solutions provide the technical security controls that Responsible Entities need to ensure the confidentiality of BCSI against insider threats.

Requirement CurrentWare Modules & Features

Table R1 – Information Protection Program
CIP-011-3 R1 (1.2)

 

Method(s) to protect and securely handle BCSI to mitigate risks of compromising confidentiality.

AccessPatrol

  • Block data transfers to portable storage devices to prevent data theft or loss by employees and contractors
  • Lock down removable media virus scanning machines (“Sheep Dip”) by disabling Bluetooth, USB Network Adapters, Network Drives, and WiFi hardware when not explicitly required
  • Maintain a log of each removable media device introduced to BES Cyber Systems and Transient Cyber Assets
  • Get alerts of attempts to use unauthorized removable media devices

BrowseControl

  • Disable unneeded TCP/UDP ports at the endpoint level to reduce the attack surface of Transient Cyber Assets
  • Prevent users from launching applications that are known to be a risk to BCSI such as cloud storage apps
  • Restrict browser access to authorized websites and intranet portals to prevent the introduction of malicious code from high-risk websites
  • Block known malicious domains and internet-based data egress points such as cloud storage sites with predefined web content categories

BrowseReporter

  • Get alerts when users attempt to visit known high-risk websites
  • Monitor user computer activity for high-risk web browsing or app usage

Learn More: CurrentWare’s data loss prevention solutions

 

 

CASE STUDY

Viking Yachts Stops Departing Employee From Stealing Intellectual Property

CurrentWare saved us a lot of time and money. If we didn’t have them we would have never known what was going on. I cannot thank them enough for this software; being able to audit removable drives is invaluable.

Tennessee College of Applied Technology

Flexible Deployment Options

With CurrentWare’s cybersecurity, web filtering, data loss prevention, and user activity monitoring solutions you’re in complete control of how your data is stored, secured, and retained. Your employees' data cannot be accessed by CurrentWare.

hp-on-premise

On Premises

Keep Control of Your Data

 

Install the management software on a standard computer, then deploy the client software to your users' computers

hp-private-cloud

Remote Workers

Monitor & Manage on Any Network

 

Connect your remote employees’ computers to the management software with simple port forwarding rules

manage-remote-workers-and-users

Self-Managed Cloud & VDI

Citrix, Azure, AWS, GCP, and More!

 

Enjoy the scalability and availability of the cloud alongside the security, control, and flexibility of our on-premises solution

CurrentWare Suite

Get all 4 modules for the best value or choose the exact solutions you need

Get Advanced Activity Insights

BrowseReporter is a versatile employee monitoring software to track productivity and efficiency.

  • Make informed decisions
  • Enforce company policies
  • Improve productivity
today's insights user score cards

Block Harmful Websites

BrowseControl is an easy-to-use website blocking software for restricting internet access.

  • Block URLs & categories
  • Block unwanted apps
  • Website allow & block lists
Screenshot of category filtering window from BrowseControl web filter. Porn and social media categories blocked.

Stop Data Theft to USB Devices

AccessPatrol is USB control software to protect sensitive data against theft to portable storage devices.

  • Block USB devices
  • USB file activity alerts
  • Block file transfers
AccessPatrol peripheral device permissions mockup block usb

Control PC Power States

enPowerManager is a remote PC power manager for centrally managing power settings across all endpoints.

  • Track logon and logoff times
  • Log PC power event history
  • Remotely shutdown PCs
Screenshot of enPowerManager's PC power schedule with weekly boot, restart, and shutdown events scheduled

We’re Here to Help

The CurrentWare team prides itself on its high-quality customer support. We will support you every step of the way—whether you’re just starting your free trial or actively using CurrentWare in your network.

At CurrentWare, customer success is our priority at every stage of your journey. We take pride in providing high-quality and reliable pre and post-sale support to make your experience exceptional.

We offer the same level of high-quality support to all of our customers—no extra fees or packages necessary!

Mike Noseworthy
Customer Support Lead

Product Training

CurrentWare provides the documentation, training, and other resources you need to take full advantage of the capabilities of our products.

Technical Support

Our expert support team is here to help you. Reach out to us over email, live chat, or phone from 8:00 AM – 6:00 PM ET, Monday to Friday.

Check Out Our Great Reviews

This software helps us to achieve compliance with industry and government requirements with respect to controlling the use of removable storage media. It fits the bill perfectly.

Matthew W, Project Manager
Aviation & Aerospace Industry, 11-50 employees

In my nearly 40 years in the IT business I’ve worked with a lot of support teams. I really appreciate CurrentWare going the extra mile to help me get the most out of the product. They’ve definitely outweighed any of the other competitors that I’ve looked at.

J.S, Managed Services Provider
Vehicle Dealership, 150-200 Employees

The reports are very easy to understand and the fact that they can be emailed to you on a schedule is amazing, and have made finding productivity killers VERY easy. Customer support has been fantastic every time I've had to reach out to them; I highly recommend them!

Kristen S, Associate IT Director
The Coding Network, 700+ Employees

We have experienced data leaks by dishonest employees in the past and AccessPatrol has helped us avoid them and work with greater security and peace of mind for us and our customers.

Julio V, Head of Information Technology
Financial Services Industry, 10,001+ employees

Free removable media policy template from CurrentWare

FREE DOWNLOAD
Removable Media Policy Template 

Download this data security policy template to prevent data leakage to USB flash drives and other removable storage devices.

  • Set data security standards for portable storage
  • Define the acceptable use of removable media
  • Inform your users about their security responsibilities

CurrentWare's Key Features

Internet Off

User Activity Monitoring

Track web browsing, software use, search queries, and more

Remote Screen Capture

Screenshot Monitoring

Take automatic screenshots or remotely view desktops

Application Blocker

Track Software Usage

Get insights into software usage trends in your organization

Stealth

Transparent & Stealth Modes

Run silently in the background or provide notice of monitoring

Block USB

Block USB & Other Devices

Set full access, read only or no access on storage devices

Allowed List

Device Whitelist

Allow only authorized storage devices to be used

Block Files

Block File Transfers

Prevent files from being transferred to portable storage

Reports

DLP Activity Reports

Track file transfers, storage device use, file operations, and more

Internet Off

Block Websites

Block websites based on
URLs & content categories

Download Filter
Block Downloads/Uploads

Prevent uploading and downloading based on file type

Application Blocker
Application Blacklisting

Block specific Windows
applications from launching

Internet Off

PC Power Management

Remotely track and control PC power states

Internet Off

Centralized Console

Manage all your users from the
centralized console with Active
Directory import or syncing

Internet Off

Platform Security

Protect your CurrentWare console
with 2FA, passwords, privilege
management, and more

Internet Off

Offsite Management

Extend onsite security policies to computers running outside the corporate network

Internet Off

SQL Server Supported

Database scaled for enterprise and
large business operations using
Microsoft SQL Server

CurrentWare

Get Started Today
With a Free Trial

Fully functional. Easy to use. Install in minutes.

Learn How to Meet These Compliance Requirements With CurrentWare

NERC CIP

Protect TCAs & BCSI From Insider Threats

Learn More

ISO 27001

Increase the Maturity of Your ISO27K ISMS

Learn More

NIST logo

NIST 800-171/53

Protect Controlled Unclassified Information

Learn More

CIPA for Education

Qualify for the FCC’s
E-Rate Program

Learn More

Cyber Essentials

Critical Security Controls For Your Assessment

Learn More

Cybersecurity Maturity Model Certification CMMC Logo

CMMC

Protect CUI to qualify for DoD contracts

Learn More

Meet NERC CIP Compliance With CurrentWare