CurrentWare v7.0.2 is here! Read the release blog to learn more.

data security

NIST 800-171 Compliance Software

Protect controlled unclassified information with the robust data loss prevention, endpoint security, and user activity monitoring features in the CurrentWare Suite.

  • Control Removable Media & Other Peripherals

    Prevent the unauthorized use of high-risk wireless and peripheral devices

  • Endpoint Security Controls for Defense-in-Depth
    Minimize the attack surface of endpoints within information systems
  • Advanced Awareness & Access Control
    Monitor and restrict user activity to protect sensitive information

Trusted By:

CW_AXA_logo
CW_AXA_logo
bostoncenterless logo

& many more

Trusted by:

CW_AXA_logo

and more

NIST 800-53 & NIST 800-171 Compliance Requirements
You Can Address With CurrentWare

Access Control

Requirement CurrentWare Modules & Features
AC-6 Least Privilege

The organization employs the principle of least privilege, allowing only authorized accesses for users (or processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.

BrowseControl

  • Granularly control which websites, intranet portals, and web services users can access
  • Prevent users from launching specific software executables

AccessPatrol

  • Granularly restrict portable storage devices, wireless connections, and other peripherals based on groups of computers or users | Learn More
  • Ensure only authorized removable media is able to be used
  • Get alerts when unknown or blocked removable media is inserted into endpoints
AC-18 Wireless Access

The organization:

a. Establishes usage restrictions, configuration/connection requirements, and implementation guidance for wireless access; and

b. Authorizes wireless access to the information system prior to allowing such connections.

AC-18 (3) Disable Wireless Networking
The organization disables, when not intended for use, wireless networking capabilities internally embedded within information system components prior to issuance and deployment.

AccessPatrol

  • Selectively disable Bluetooth, Infrared, and WiFi on endpoints

AC-19 (4)(c)

Restricts the connection of classified mobile devices to classified information systems in accordance with [Assignment: organization-defined security policies].

AccessPatrol

  • Lock portable devices such as mobile phones from connecting to endpoints
  • Block endpoints from using Bluetooth and WiFi

Audit and Accountability

Requirement CurrentWare Modules & Features
AU-3 Content of Audit Records

The information system generates audit records containing information that establishes what type of event occurred, when the event occurred, where the event occurred, the source of the event, the outcome of the event, and the identity of any individuals or subjects associated with the event.

AU-6 Audit Review, Analysis, and Reporting

The organization:

a. Reviews and analyzes information system audit records [Assignment: organization-defined frequency] for indications of [Assignment: organization-defined inappropriate or unusual activity]; and

b. Reports findings to [Assignment: organization-defined personnel or roles].

AU-8 Time Stamps:

The information system:
a. Uses internal system clocks to generate timestamps for audit records; and

b. Records time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) and meets [Assignment: organization-defined granularity of time measurement].

AU-14 Session Audit:
The information system provides the capability for authorized users to select a user session to capture/record or view/hear.

Session audits include, for example, tracking websites visited and recording information and/or file transfers

BrowseReporter

  • Automated reports and alerts on internet usage, such as attempts to visit high-risk websites
  • Dashboards provide access to raw data for further analysis
  • Capture screenshots of user desktops
  • Uses the internal system clock of the CurrentWare Server’s host to generate timestamps for audit records

AccessPatrol

  • Reports and alerts on peripheral device usage and file transfers to removable media
  • Dashboards provide access to raw data for further analysis
  • Uses the internal system clock of the CurrentWare Server’s host to generate timestamps for audit records

enPowerManager

  • Reports on logon and logoff times as well as PC power events (startup, shutdown, sleep, or hibernate)

CurrentWare Web Console

  • CurrentWare admin activity logs provide details of configuration changes to monitor for malicious or negligent admin activity within the CurrentWare Suite
AU-4 Audit Storage Capacity
The organization allocates audit record storage capacity in accordance with [Assignment: organization-defined audit record storage requirements].

 

AU-11 Audit Record Retention:
The organization retains audit records for [Assignment: organization-defined time period consistent with records retention policy] to provide support for after-the-fact investigations of security incidents and to meet regulatory and organizational information retention requirements.

 The CurrentWare Suite is hosted and managed by your company either on-premises or via a cloud service provider of your choice, giving you full control over data retention.

Data can be culled automatically after a set time period; which data types are retained can also be customized.

AU-15 Alternate Audit Capability:

The organization provides an alternate audit capability in the event of a failure in primary audit capability that provides [Assignment: organization-defined alternate audit functionality].

All of CurrentWare’s security policies and user activity data have a local cache failsafe in the event that a connection to the server is lost.

All user activity is still captured and will sync with the primary database once a connection is reestablished.

 

Configuration Management

Requirement CurrentWare Modules & Features
CM-7 Least Functionality
The organization:

 

a. Configures the information system to provide only essential capabilities; and

b. Prohibits or restricts the use of the following functions, ports, protocols, and/or services: [Assignment: organization-defined prohibited or restricted functions, ports, protocols, and/or services].

CM-7 (4)(b)

The organization employs an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the information system

BrowseControl

  • Application blocker to employ an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the information system
  • Port filter to disable unneeded TCP/UDP ports at the endpoint level to reduce the attack surface of endpoints with access to the information system
CM-10 Software Usage Restrictions

The organization:

a. Uses software and associated documentation in accordance with contract agreements and copyright laws;

b. Tracks the use of software and associated documentation protected by quantity licenses to control copying and distribution; and

c. Controls and documents the use of peer-to-peer file sharing technology to ensure that this capability is not used for the unauthorized distribution, display, performance, or reproduction of copyrighted work.

AccessPatrol

  • Monitor file transfers to and from removable storage devices for evidence of unlawful distribution or copying.

BrowseReporter

  • Track the use of software and SaaS platforms to monitor for overallocation, unauthorized use, and software that the organization does not have commercial licenses for

BrowseControl

  • Block network ports and applications associated with peer-to-peer file sharing technology.
  • Web category filter includes a database of known file hosting, song/movies download, and warez sites

CM-11 User-Installed Software

The organization:

a. Establishes [Assignment: organization-defined policies] governing the installation of software by users;

b. Enforces software installation policies through [Assignment: organization-defined methods]; and

c. Monitors policy compliance at [Assignment: organization-defined frequency].

AccessPatrol

  • Prevent users from transferring software executables to and from removable media devices

BrowseReporter

  • Track the use of software and SaaS platforms to monitor for high-risk shadow IT

BrowseControl

  • Application blocker to employ an allow-all, deny-by-exception policy to prohibit the execution of unauthorized software programs on the information system
  • Block websites that are known to host executable files.
  • Block the download of executables from HTTP sites. (HTTPS in development)

Incident Response

Requirement CurrentWare Modules & Features
IR-5 Incident Monitoring

The organization tracks and documents information system security incidents.

IR-5 (1)
The organization employs automated mechanisms to assist in the tracking of security incidents and in the collection and analysis of incident information.

BrowseReporter

  • Email alerts send user activity reports to a designated inbox when specified events occur
  • Dashboards provide access to raw data for further analysis
  • Capture screenshots of user desktops
  • Uses the internal system clock of the CurrentWare Server’s host to generate timestamps for audit records

AccessPatrol

  • Email alerts send user activity reports related to peripheral devices to a designated inbox when specified events occur
  • Dashboards provide access to raw data for further analysis
  • Uses the internal system clock of the CurrentWare Server’s host to generate timestamps for audit records

enPowerManager

  • Reports on logon and logoff times as well as PC power events (startup, shutdown, sleep, or hibernate)

CurrentWare Web Console

  • CurrentWare admin activity logs provide details of configuration changes to monitor for malicious or negligent admin activity within the CurrentWare Suite

 

Media Protection

Requirement CurrentWare Modules & Features

MP-7 Media Use:
The organization [Selection: restricts; prohibits] the use of [Assignment: organization-defined types of information system media] on [Assignment: organization-defined information systems or system components] using [Assignment: organization-defined security safeguards].

AccessPatrol

  • Block peripheral devices such as printers, scanners, cameras, Bluetooth, cell phones, USB removable storage devices, optical media, floppy disks, tape, and SD/MM cards.

  • Allowed list provides exemptions for authorized removable storage devices.

Learn More: Which devices can I control with AccessPatrol?

 

 

 

System and Services Acquisition

Requirement CurrentWare Modules & Features
SA-9 External Information System Services | Processing, Storage, and Service Location

The organization restricts the location of [Selection (one or more): information processing; information/data; information system services] to [Assignment: organization-defined locations] based on [Assignment: organization-defined requirements or conditions].

Supplemental Guidance: The location of information processing, information/data storage, or information system services that are critical to organizations can have a direct impact on the ability of those organizations to successfully execute their missions/business functions. This situation exists when external providers control the location of processing, storage or services.

The criteria external providers use for the selection of processing, storage, or service locations may be different from organizational criteria. For example, organizations may want to ensure that data/information storage locations are restricted to certain locations to facilitate incident response activities (e.g., forensic analyses, after-the-fact investigations) in case of information security breaches/compromises. 

All data collected by the CurrentWare Suite is controlled and managed by the organization with no reliance on third-party data processors or controllers required.

The organization can host the data on-premises or with a trusted cloud services provider of their choice.

 

System and Communications Protection

Requirement CurrentWare Modules & Features

SC-43 Usage Restrictions

The organization:

a. Establishes usage restrictions and implementation guidance for [Assignment: organization-defined information system components] based on the potential to cause damage to the information system if used maliciously; and

b. Authorizes, monitors, and controls the use of such components within the information system.

Information system components include hardware, software, or firmware components (e.g., Voice Over Internet Protocol, mobile code, digital copiers, printers, scanners, optical devices, wireless technologies, mobile devices).

AccessPatrol

  • Users can be restricted from using printers, scanners, optical devices, wireless technologies, and mobile devices on managed devices.
  • Monitor the connection history of a variety of peripherals including portable storage, printers, scanners, optical devices, wireless technologies, and mobile devices on managed devices.

BrowseControl

  • Access to websites, applications, and network ports can be restricted.

BrowseReporter

  • Computer usage can be monitored including application usage, bandwidth consumption, and web browsing.

 

 

viking yachts

Case Study

Viking Yachts Protects Sensitive Information From a Departing Employee

“CurrentWare saved us a lot of time and money. If we didn’t have AccessPatrol we would have never known what was going on. I cannot thank all of you enough for this software.”

A departing employee was caught stealing classified files! If we didn’t have AccessPatrol we would never have known.

Flexible Deployment Options

On-Premises | Remote Workers | Self-Managed Cloud

hp-on-premise

Download the Free Trial

Get started today with a free fully-functional 14-day trial of the CurrentWare Suite. No credit card required to sign up!

hp-private-cloud

Deploy the Software

Install the Console & Server on a computer, server, or a cloud platform of your choice. Then deploy the Clients to your users’ computers.

manage-remote-workers-and-users

Manage your Users

Organize your PCs/Users into custom policy groups. Get advanced awareness & control over how technology is used in your organization.

Free removable media policy template from CurrentWare

FREE DOWNLOAD
Removable Media Policy

Download this data security policy template to prevent data leakage to USB flash drives and other removable storage devices.

  • Set data security standards for portable storage
  • Define the acceptable use of removable media
  • Inform your users about their security responsibilities

Check Out Our Great Reviews on Capterra!

The reporting feature offers accurate insights on internet activities in order to ensure compliance & organization policies are met. The offsite management feature makes it easy to monitor those working from home.

Carroline Achieng O., Sales Consultant
Absa Life Assurance, 10,001+ Employees

We have experienced data leaks by dishonest employees in the past and AccessPatrol has helped us avoid them and work with greater security and peace of mind for us and our customers.

Julio V., Head of Information Technology
Financial Services Industry, 10,001+ employees

As a 'novice' I was able to set up with help from support in about an hour. Previous software took forever and didn't work as advertised. This software worked right out of the box.

Dr. Gerard B, Office Manager
2-10 Employees

The software actually does what was advertised and the support is great! We were able to have the software up and running on the same day with no issues or even a call/email to their support.

Ken W, IT Manager
201-500 Employees

CurrentWare Suite

Get all 4 modules for the best value or choose the exact solution you need

Get Advanced  Activity Insights

BrowseReporter is a versatile employee monitoring software to track productivity and efficiency.

  • Make informed decisions
  • Enforce company policies
  • Improve productivity

Employee Productivity Dashboard

Block Dangerous & Unwanted Sites

BrowseControl is an easy-to-use website blocking software for restricting internet access.

  • Block URLs & categories
  • Block unwanted apps
  • Website allow & block lists

Screenshot of category filtering window from BrowseControl web filter. Porn and social media categories blocked.

Stop Data Theft to USB Devices

AccessPatrol is USB control software to protect sensitive data against theft to portable storage devices.

  • Block USB devices
  • USB file activity alerts
  • Block file transfers

Device Blocking window Screenshot of CurrentWare's USB device control software AccessPatrol

Remotely Control PC Power States

enPowerManager is a remote PC power manager for centrally managing power settings across all endpoints.

  • Track logon and logoff times
  • Log PC power event history
  • Remotely shutdown PCs

Screenshot of enPowerManager's PC power schedule with weekly boot, restart, and shutdown events scheduled

CurrentWare Features

Internet Off

Internet ON/OFF

One click to completely block
the Internet

Internet Off

URL Filter

Allowed list or Blocked list for
specific URLs

Internet Off

Category Filtering

Block websites based on
content categories

Internet Off

Internet Scheduler

Set unique restrictions at specific
times of the day

Internet Off

Internet Monitoring

Track what websites are being
visited by employees

Internet Off

Web Activity Reports

15+ different detailed web
activity reports

Internet Off

Track Application Use

See what applications are being
used by employees

Internet Off

Email Reports

Automatically email reports of web
usage to managers

Internet Off

Block USB

Block unauthorized USBs to protect
against data theft

Internet Off

Block External Devices

Easily block DVDs, external drives
& other peripherals

Internet Off

Device Permissions

Set full access, read only or no
access on storage devices

Internet Off

Allowed List

Allow specific storage devices on
your network

Internet Off

Centralized Console

Manage all your users from the
centralized console with Active
Directory import or syncing

Internet Off

Platform Security

Protect your CurrentWare console
with 2FA, passwords, privilege
management, and more

Internet Off

Offsite Management

Extend onsite Internet usage
policies to laptops running outside
the corporate network

Internet Off

SQL Server Supported

Database scaled for enterprise and
large business operations using
Microsoft SQL Server

CurrentWare

Get Started Today
With a Free Trial

Fully functional. Easy to use. Install in minutes.

Learn How to Meet These
Compliance Requirements With CurrentWare

NERC CIP Compliance

Protect TCAs & BCSI From Insider Threats

Learn More

ISO 27001 Compliance

Critical Security Controls for Your ISMS

Learn More

CIPA Compliance for Education

Qualify for the FCC’s E-Rate program

Learn More

NIST logo

NIST 800-171 & 800-53

Protect Controlled Unclassified Information

Learn More

Meet NIST 800-53 & NIST 800-171 Compliance With CurrentWare