NERC CIP Compliance Software
Protect sensitive BSCI with the robust data loss prevention, endpoint security, and user activity monitoring features in the CurrentWare Suite.
- Control Removable Media & Other Peripherals
Prevent the unauthorized use of high-risk wireless and peripheral devices
- Endpoint Security Controls for Defense-in-Depth
Minimize the attack surface of endpoints in BES Cyber Systems - Protect Transient Cyber Assets
Monitor and control Windows-based TCAs to limit cybersecurity risks
Trusted by
& many more
Trusted by
and many more
NERC CIP Compliance Requirements You Can Address With CurrentWare
NERC CIP-003-8 — Security Management Controls
The purpose of NERC CIP-003-8 is to specify consistent and sustainable security management controls that establish responsibility and accountability to protect BES Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES).
CurrentWare’s NERC CIP compliance solutions provide several security controls to mitigate the risk of introducing malicious code to BES Cyber Systems through the use of Transient Cyber Assets or Removable Media.
Requirement | CurrentWare Modules & Features |
Cyber Security Awareness
Each Responsible Entity shall reinforce, at least once every 15 calendar months, cyber security practices. | BrowseReporter
AccessPatrol
|
Cyber Security Incident Response
Each Responsible Entity shall have one or more Cyber Security Incident response plan(s), either by asset or group of assets, which shall include identification, classification, and response to Cyber Security Incidents | BrowseReporter
AccessPatrol
|
Transient Cyber Asset and Removable Media Malicious Code Risk Mitigation
Each Responsible Entity shall implement, except under CIP Exceptional Circumstances, one or more plan(s) to achieve the objective of mitigating the risk of the introduction of malicious code to low impact BES Cyber Systems through the use of Transient Cyber Assets or Removable Media. | AccessPatrol
BrowseControl
|
NERC CIP-007-6 — System Security Management
The purpose of NERC CIP-007-6 is to manage system security by specifying select technical, operational, and procedural requirements in support of protecting BES Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES).
CurrentWare’s NERC CIP compliance solutions complement your Electronic Security Perimeter with technical security controls that protect against the use of unnecessary ports and removable media on managed endpoints.
Easily lock down Transient Cyber Assets used by field workers to protect BES Cyber Systems against insider threats and malicious activity.
Requirement | CurrentWare Modules & Features |
Table R1– Ports and Services
Where technically feasible, enable only logical network accessible ports that have been determined to be needed by the Responsible Entity, including port ranges or services where needed to handle dynamic ports.
| BrowseControl
|
Table R1– Ports and Services
Protect against the use of unnecessary physical input/output ports used for | AccessPatrol
Learn More: Which devices can I control with AccessPatrol?
|
Table R3 – Malicious Code Prevention
Deploy method(s) to deter, detect, or | AccessPatrol
BrowseControl
BrowseReporter
Learn More: CurrentWare’s endpoint security solutions
|
Table R4 – Security Event Monitoring
Log events at the BES Cyber System 4.1.1. Detected successful login 4.1.2. Detected failed access 4.1.3. Detected malicious code. ── 4.2 Generate alerts for security events that the Responsible Entity determines necessitates an alert. ── 4.4 Review a summarization or sampling of logged events as determined by the Responsible Entity at intervals no greater than 15 calendar days to identify undetected Cyber Security Incidents. | enPowerManager
AccessPatrol
BrowseReporter
CurrentWare Web Console
|
Table R4 – Security Event Monitoring
Where technically feasible, retain applicable event logs identified in Part 4.1 for at least the last 90 consecutive calendar days except under CIP Exceptional Circumstances. |
|
NERC CIP-010-4 — Configuration Change Management and Vulnerability Assessments
The purpose of NERC CIP-010-4 is to prevent and detect unauthorized changes to BES Cyber Systems by specifying configuration change management and vulnerability assessment requirements in support of protecting BES Cyber Systems from compromise that could lead to misoperation or instability in the Bulk Electric System (BES). | Learn More
CurrentWare’s NERC CIP compliance solutions provide critical insights into what computer applications are being used in BES Cyber Systems, allowing you to detect and investigate unauthorized software that could pose a security risk.
Requirement | CurrentWare Modules & Features |
Table R2 – Configuration Monitoring
Monitor at least once every 35 calendar days for changes to the baseline configuration. Document and investigate detected unauthorized changes. | BrowseReporter
CurrentWare Web Console
|
NERC CIP-011-3 — Cyber Security — Information Protection
The purpose of NERC CIP-011-3 is to prevent unauthorized access to BES Cyber System Information (BCSI) by specifying information protection requirements in support of protecting BES Cyber Systems against compromise that could lead to misoperation or instability in the Bulk Electric System (BES). | Learn More
CurrentWare’s NERC CIP compliance solutions provide the technical security controls that Responsible Entities need to ensure the confidentiality of BCSI against insider threats.
Requirement | CurrentWare Modules & Features |
Table R1 – Information Protection Program
Method(s) to protect and securely handle BCSI to mitigate risks of compromising confidentiality. | AccessPatrol
BrowseControl
BrowseReporter
Learn More: CurrentWare’s data loss prevention solutions
|
Case Study
Viking Yachts Protects Sensitive Information From a Departing Employee
“CurrentWare saved us a lot of time and money. If we didn’t have AccessPatrol we would have never known what was going on. I cannot thank all of you enough for this software.”
Flexible Deployment Options
With CurrentWare’s user activity monitoring solutions you’re in complete control of how your data is stored, secured, and retained. Your employees' data cannot be accessed by CurrentWare.
On Premises
Have Complete Control of Your Data
Install the management software on a standard computer, then deploy the client software to your users' computers
Remote Workers
Manage Users on Any Network
Connect your remote employees’ computers to the management software with simple port forwarding rules
Self-Managed Cloud
Citrix, Azure, AWS, GCP, and More!
Enjoy the scalability and availability of the cloud alongside the security, control, and flexibility of our on-premises solution.
Get Advanced Activity Insights
BrowseReporter is a versatile employee monitoring software to track productivity and efficiency.
- Make informed decisions
- Enforce company policies
- Improve productivity
Block Harmful Websites
BrowseControl is an easy-to-use website blocking software for restricting internet access.
- Block URLs & categories
- Block unwanted apps
- Website allow & block lists
Stop Data Theft to USB Devices
AccessPatrol is USB control software to protect sensitive data against theft to portable storage devices.
- Block USB devices
- USB file activity alerts
- Block file transfers
This software helps us to achieve compliance with industry and government requirements with respect to controlling the use of removable storage media. It fits the bill perfectly.
Matthew W., Project Manager
Aviation & Aerospace Industry, 11-50 employees
[AccessPatrol] has been a great benefit to secure USB devices and access to company computers. We now have the ability to secure machines that otherwise would have been exposed to threats.
Jordan F., Senior IT Specialist
Machinery Industry, 1001-5000 employees
Data leaks have been thwarted by AccessPatrol. When an unauthorized device is detected, an email alert is sent immediately. It enables real-time audit reports on accessed and blocked devices.
Karen M., Senior Director of Marketing
Construction Industry, 10,001+ employees
We have experienced data leaks by dishonest employees in the past and AccessPatrol has helped us avoid them and work with greater security and peace of mind for us and our customers.
Julio V., Head of Information Technology
Financial Services Industry, 10,001+ employees
FREE DOWNLOAD
Removable Media Policy
Download this data security policy template to prevent data leakage to USB flash drives and other removable storage devices.
- Set data security standards for portable storage
- Define the acceptable use of removable media
- Inform your users about their security responsibilities
CurrentWare Features
Internet ON/OFF
One click to completely block
the Internet
URL Filter
Allow or block specific URLs;
customize policies for each group
Category Filtering
Block websites based on
content categories
Internet Scheduler
Set unique restrictions at specific
times of the day
Internet Monitoring
Monitor web browsing,
keyword searches, and more
Computer Activity Reports
15+ different detailed web
activity reports
Track Application Use
See what applications are being
used by employees
Email Reports
Automatically email user activity
reports to designated inboxes
Block USB
Block unauthorized USBs to protect
against data theft
Block External Devices
Easily block DVDs, external drives
& other peripherals
Device Permissions
Set full access, read only or no
access on storage devices
Allowed List
Allow specific storage devices on
your network
Centralized Console
Manage all your users from the
centralized console with Active
Directory import or syncing
Platform Security
Protect your CurrentWare console
with 2FA, passwords, privilege
management, and more
Offsite Management
Extend onsite security policies to any remote computer running outside the corporate network
SQL Server Supported
Database scaled for enterprise and
large business operations using
Microsoft SQL Server
Learn How to Meet These
Compliance Requirements With CurrentWare
NERC CIP Compliance
Protect TCAs & BCSI From Insider Threats
ISO 27001 Compliance
Critical Security Controls for Your ISMS
CIPA Compliance for Education
Qualify for the FCC’s E-Rate program
NIST 800-171 & 800-53
Protect Controlled Unclassified Information