NIST 800-53 & NIST 800-171 Compliance Software

Protect controlled unclassified information with CurrentWare’s robust data loss prevention, endpoint security, and user activity monitoring solutions

  • Control Removable Media & Other Peripherals
    Prevent the unauthorized use of high-risk wireless and peripheral devices
  • Endpoint Security Controls for Defense-in-Depth
    Minimize the attack surface of endpoints within information systems
  • Advanced Awareness & Access Control
    Monitor and restrict user activity to protect sensitive information against insider threats

    Trusted by

    Cushing Terrell Logo
    HBCS Revenue Cycle Logo
    HBCS Revenue Cycle Logo
    Morris, Manning, and Martin LLP Logo
    Viking Yachts Logo

    & many more

    Trusted by

    HBCS Revenue Cycle Logo
    VES Veteran Evaluation Services Logo
    Viking Yachts Logo

    & many more

    NIST 800-53 & NIST 800-171 Compliance Requirements
    You Can Address With CurrentWare

    Requirement CurrentWare Modules & Features

    Access Control

    AC-6 Least Privilege

    The organization employs the principle of least privilege, allowing only authorized accesses for users (or processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

    BrowseControl

     

    • Granularly control which websites, intranet portals, and web services users can access
    • Prevent users from launching specific software executables

    AccessPatrol

    • Granularly restrict portable storage devices, wireless connections, and other peripherals based on groups of computers or users | Learn More
    • Ensure only authorized removable media is able to be used
    • Get alerts when unknown or blocked removable media is inserted into endpoints

    AC-18 Wireless Access

    The organization:

    a. Establishes usage restrictions, configuration/connection requirements, and implementation guidance for wireless access; and

    b. Authorizes wireless access to the information system prior to allowing such connections.

    AC-18 (3) Disable Wireless Networking
    The organization disables, when not intended for use, wireless networking capabilities internally embedded within information system components prior to issuance and deployment.

    AccessPatrol

    • Selectively disable Bluetooth, Infrared, and WiFi on endpoints

    AC-19 (4)(c)

    Restricts the connection of classified mobile devices to classified information systems in accordance with [Assignment: organization-defined security policies].

    AccessPatrol

    • Lock portable devices such as mobile phones from connecting to endpoints
    • Block endpoints from using Bluetooth and WiFi
    Requirement CurrentWare Modules & Features

    Audit and Accountability

    AU-3 Content of Audit Records

    The information system generates audit records containing information that establishes what type of event occurred, when the event occurred, where the event occurred, the source of the event, the outcome of the event, and the identity of any individuals or subjects associated with the event.

    AU-6 Audit Review, Analysis, and Reporting

    The organization:

    a. Reviews and analyzes information system audit records [Assignment: organization-defined frequency] for indications of [Assignment: organization-defined inappropriate or unusual activity]; and

    b. Reports findings to [Assignment: organization-defined personnel or roles].

    AU-8 Time Stamps:

    The information system:
    a. Uses internal system clocks to generate timestamps for audit records; and

    b. Records time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) and meets [Assignment: organization-defined granularity of time measurement].

    AU-14 Session Audit:
    The information system provides the capability for authorized users to select a user session to capture/record or view/hear.

    Session audits include, for example, tracking websites visited and recording information and/or file transfers

    BrowseReporter

    • Automated reports and alerts on internet usage, such as attempts to visit high-risk websites
    • Dashboards provide access to raw data for further analysis
    • Capture screenshots of user desktops
    • Uses the internal system clock of the CurrentWare Server’s host to generate timestamps for audit records

    AccessPatrol

    • Reports and alerts on peripheral device usage and file transfers to removable media
    • Dashboards provide access to raw data for further analysis
    • Uses the internal system clock of the CurrentWare Server’s host to generate timestamps for audit records

    enPowerManager

    • Reports on logon and logoff times as well as PC power events (startup, shutdown, sleep, or hibernate)

    CurrentWare Web Console

    • CurrentWare admin activity logs provide details of configuration changes to monitor for malicious or negligent admin activity within the CurrentWare Suite

    AU-4 Audit Storage Capacity
    The organization allocates audit record storage capacity in accordance with [Assignment: organization-defined audit record storage requirements].

     

     

    AU-11 Audit Record Retention:
    The organization retains audit records for [Assignment: organization-defined time period consistent with records retention policy] to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements.

     The CurrentWare Suite is hosted and managed by your company either on-premises or via a cloud service provider of your choice, giving you full control over data retention.

    Data can be culled automatically after a set time period; which data types are retained can also be customized.

    AU-15 Alternate Audit Capability:

    The organization provides an alternate audit capability in the event of a failure in primary audit capability that provides [Assignment: organization-defined alternate audit functionality].

    All of CurrentWare’s security policies and user activity data have a local cache failsafe in the event that a connection to the server is lost.

    All user activity is still captured and will sync with the primary database once a connection is reestablished.

     

    Requirement CurrentWare Modules & Features

    Configuration Management

    CM-7 Least Functionality
    The organization:

     a. Configures the information system to provide only essential capabilities; and

    b. Prohibits or restricts the use of the following functions, ports, protocols, and/or services: [Assignment: organization-defined prohibited or restricted functions, ports, protocols, and/or services].

    CM-7 (4)(b)

    The organization employs an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the information system

    BrowseControl

    • Application blocker to employ an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the information system
    • Port filter to disable unneeded TCP/UDP ports at the endpoint level to reduce the attack surface of endpoints with access to the information system

    CM-10 Software Usage Restrictions

    The organization:

    a. Uses software and associated documentation in accordance with contract agreements and copyright laws;

    b. Tracks the use of software and associated documentation protected by quantity licenses to control copying and distribution; and

    c. Controls and documents the use of peer-to-peer file sharing technology to ensure that this capability is not used for the unauthorized distribution, display, performance, or reproduction of copyrighted work.

    AccessPatrol

    • Monitor file transfers to and from removable storage devices for evidence of unlawful distribution or copying.

    BrowseReporter

    • Track the use of software and SaaS platforms to monitor for overallocation, unauthorized use, and software that the organization does not have commercial licenses for

    BrowseControl

    • Block network ports and applications associated with peer-to-peer file sharing technology.
    • Web category filter includes a database of known file hosting, song/movies download, and warez sites

    CM-11 User-Installed Software

    The organization:

    a. Establishes [Assignment: organization-defined policies] governing the installation of software by users;

    b. Enforces software installation policies through [Assignment: organization-defined methods]; and

    c. Monitors policy compliance at [Assignment: organization-defined frequency].

    AccessPatrol

    • Prevent users from transferring software executables to and from removable media devices

    BrowseReporter

    • Track the use of software and SaaS platforms to monitor for high-risk shadow IT

    BrowseControl

    • Application blocker to employ an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the information system
    • Block websites that are known to host executable files.
    • Block the download of executables from the internet
    Requirement CurrentWare Modules & Features

    Incident Response

    IR-5 Incident Monitoring

    The organization tracks and documents information system security incidents.

    IR-5 (1)
    The organization employs automated mechanisms to assist in the tracking of security incidents and in the collection and analysis of incident information.

    BrowseReporter

    • Email alerts send user activity reports to a designated inbox when specified events occur
    • Dashboards provide access to raw data for further analysis
    • Capture screenshots of user desktops
    • Uses the internal system clock of the CurrentWare Server’s host to generate timestamps for audit records

    AccessPatrol

    • Email alerts send user activity reports related to peripheral devices to a designated inbox when specified events occur
    • Dashboards provide access to raw data for further analysis
    • Uses the internal system clock of the CurrentWare Server’s host to generate timestamps for audit records

    enPowerManager

    • Reports on logon and logoff times as well as PC power events (startup, shutdown, sleep, or hibernate)

    CurrentWare Web Console

    • CurrentWare admin activity logs provide details of configuration changes to monitor for malicious or negligent admin activity within the CurrentWare Suite

     

    Requirement CurrentWare Modules & Features

    Media Protection

    MP-7 Media Use:
    The organization [Selection: restricts; prohibits] the use of [Assignment: organization-defined types of information system media] on [Assignment: organization-defined information systems or system components] using [Assignment: organization-defined security safeguards].

    AccessPatrol

    • Block peripheral devices such as printers, scanners, cameras, Bluetooth, cell phones, USB removable storage devices, optical media, floppy disks, tape, and SD/MM cards.
    • Allowed list provides exemptions for authorized removable storage devices.

    Learn More: Which devices can I control with AccessPatrol?

     

     

     

    Requirement CurrentWare Modules & Features

    Systems and Services Acquisition

    SA-9 External Information System Services | Processing, Storage, and Service Location

    The organization restricts the location of [Selection (one or more): information processing; information/data; information system services] to [Assignment: organization-defined locations] based on [Assignment: organization-defined requirements or conditions].

    Supplemental Guidance: The location of information processing, information/data storage, or information system services that are critical to organizations can have a direct impact on the ability of those organizations to successfully execute their missions/business functions. This situation exists when external providers control the location of processing, storage or services.

    The criteria external providers use for the selection of processing, storage, or service locations may be different from organizational criteria. For example, organizations may want to ensure that data/information storage locations are restricted to certain locations to facilitate incident response activities (e.g., forensic analyses, after-the-fact investigations) in case of information security breaches/compromises. 

    All data collected by the CurrentWare Suite is controlled and managed by the organization with no reliance on third-party data processors or controllers required.

     

    The organization can host the data on-premises or with a trusted cloud services provider of their choice.

     

    Requirement CurrentWare Modules & Features

    System and Communications Protection

    SC-43 Usage Restrictions

    The organization:

    a. Establishes usage restrictions and implementation guidance for [Assignment: organization-defined information system components] based on the potential to cause damage to the information system if used maliciously; and

    b. Authorizes, monitors, and controls the use of such components within the information system.

    Information system components include hardware, software, or firmware components (e.g., Voice Over Internet Protocol, mobile code, digital copiers, printers, scanners, optical devices, wireless technologies, mobile devices).

    AccessPatrol

    • Users can be restricted from using printers, scanners, optical devices, wireless technologies, and mobile devices on managed devices.
    • Monitor the connection history of a variety of peripherals including portable storage, printers, scanners, optical devices, wireless technologies, and mobile devices on managed devices.

    BrowseControl

    • Access to websites, applications, and network ports can be restricted.

    BrowseReporter

    • Computer usage can be monitored including application usage, bandwidth consumption, and web browsing.

     

     

    CASE STUDY

    Viking Yachts Stops Departing Employee From Stealing Intellectual Property

    CurrentWare saved us a lot of time and money. If we didn’t have them we would have never known what was going on. I cannot thank them enough for this software; being able to audit removable drives is invaluable.

    Tennessee College of Applied Technology

    Flexible Deployment Options

    With CurrentWare’s cybersecurity, web filtering, data loss prevention, and user activity monitoring solutions you’re in complete control of how your data is stored, secured, and retained. Your employees' data cannot be accessed by CurrentWare.

    hp-on-premise

    On Premises

    Keep Control of Your Data

     

    Install the management software on a standard computer, then deploy the client software to your users' computers

    hp-private-cloud

    Remote Workers

    Monitor & Manage on Any Network

     

    Connect your remote employees’ computers to the management software with simple port forwarding rules

    manage-remote-workers-and-users

    Self-Managed Cloud & VDI

    Citrix, Azure, AWS, GCP, and More!

     

    Enjoy the scalability and availability of the cloud alongside the security, control, and flexibility of our on-premises solution

    Free removable media policy template from CurrentWare

    FREE DOWNLOAD
    Removable Media Policy Template 

    Download this data security policy template to prevent data leakage to USB flash drives and other removable storage devices.

    • Set data security standards for portable storage
    • Define the acceptable use of removable media
    • Inform your users about their security responsibilities

    We’re Here to Help

    The CurrentWare team prides itself on its high-quality customer support. We will support you every step of the way—whether you’re just starting your free trial or actively using CurrentWare in your network.

    At CurrentWare, customer success is our priority at every stage of your journey. We take pride in providing high-quality and reliable pre and post-sale support to make your experience exceptional.

    We offer the same level of high-quality support to all of our customers—no extra fees or packages necessary!

    Mike Noseworthy
    Customer Support Lead

    Product Training

    CurrentWare provides the documentation, training, and other resources you need to take full advantage of the capabilities of our products.

    Technical Support

    Our expert support team is here to help you. Reach out to us over email, live chat, or phone from 8:00 AM – 6:00 PM ET, Monday to Friday.

    Check Out Our Great Reviews

    This software helps us to achieve compliance with industry and government requirements with respect to controlling the use of removable storage media. It fits the bill perfectly.

    Matthew W, Project Manager
    Aviation & Aerospace Industry, 11-50 employees

    In my nearly 40 years in the IT business I’ve worked with a lot of support teams. I really appreciate CurrentWare going the extra mile to help me get the most out of the product. They’ve definitely outweighed any of the other competitors that I’ve looked at.

    J.S, Managed Services Provider
    Vehicle Dealership, 150-200 Employees

    The reports are very easy to understand and the fact that they can be emailed to you on a schedule is amazing, and have made finding productivity killers VERY easy. Customer support has been fantastic every time I've had to reach out to them; I highly recommend them!

    Kristen S, Associate IT Director
    The Coding Network, 700+ Employees

    We have experienced data leaks by dishonest employees in the past and AccessPatrol has helped us avoid them and work with greater security and peace of mind for us and our customers.

    Julio V, Head of Information Technology
    Financial Services Industry, 10,001+ employees

    CurrentWare Suite

    Get all 4 modules for the best value or choose the exact solutions you need

    Get Advanced Activity Insights

    BrowseReporter is a versatile employee monitoring software to track productivity and efficiency.

    • Make informed decisions
    • Enforce company policies
    • Improve productivity
    today's insights user score cards

    Block Harmful Websites

    BrowseControl is an easy-to-use website blocking software for restricting internet access.

    • Block URLs & categories
    • Block unwanted apps
    • Website allow & block lists
    Screenshot of category filtering window from BrowseControl web filter. Porn and social media categories blocked.

    Stop Data Theft to USB Devices

    AccessPatrol is USB control software to protect sensitive data against theft to portable storage devices.

    • Block USB devices
    • USB file activity alerts
    • Block file transfers
    AccessPatrol peripheral device permissions mockup block usb

    Control PC Power States

    enPowerManager is a remote PC power manager for centrally managing power settings across all endpoints.

    • Track logon and logoff times
    • Log PC power event history
    • Remotely shutdown PCs
    Screenshot of enPowerManager's PC power schedule with weekly boot, restart, and shutdown events scheduled

    CurrentWare's Key Features

    Internet Off

    User Activity Monitoring

    Track web browsing, software use, search queries, and more

    Remote Screen Capture

    Screenshot Monitoring

    Take automatic screenshots or remotely view desktops

    Application Blocker

    Track Software Usage

    Get insights into software usage trends in your organization

    Stealth

    Transparent & Stealth Modes

    Run silently in the background or provide notice of monitoring

    Block USB

    Block USB & Other Devices

    Set full access, read only or no access on storage devices

    Allowed List

    Device Whitelist

    Allow only authorized storage devices to be used

    Block Files

    Block File Transfers

    Prevent files from being transferred to portable storage

    Reports

    DLP Activity Reports

    Track file transfers, storage device use, file operations, and more

    Internet Off

    Block Websites

    Block websites based on
    URLs & content categories

    Download Filter
    Block Downloads/Uploads

    Prevent uploading and downloading based on file type

    Application Blocker
    Application Blacklisting

    Block specific Windows
    applications from launching

    Internet Off

    PC Power Management

    Remotely track and control PC power states

    Internet Off

    Centralized Console

    Manage all your users from the
    centralized console with Active
    Directory import or syncing

    Internet Off

    Platform Security

    Protect your CurrentWare console
    with 2FA, passwords, privilege
    management, and more

    Internet Off

    Offsite Management

    Extend onsite security policies to computers running outside the corporate network

    Internet Off

    SQL Server Supported

    Database scaled for enterprise and
    large business operations using
    Microsoft SQL Server

    CurrentWare

    Get Started Today
    With a Free Trial

    Fully functional. Easy to use. Install in minutes.

    Learn How to Meet These
    Compliance Requirements With CurrentWare

    NERC CIP Compliance

    Protect TCAs & BCSI From Insider Threats

    Learn More

    ISO 27001 Compliance

    Critical Security Controls for Your ISMS

    Learn More

    CIPA Compliance for Education

    Qualify for the FCC’s E-Rate program

    Learn More

    NIST logo

    NIST 800-171 & 800-53

    Protect Controlled Unclassified Information

    Learn More

    Meet NIST 800-53 & NIST 800-171 Compliance With CurrentWare