Data Loss Prevention Solutions
CurrentWare awarded 'Easiest to Do Business With' by G2, fall 2024
CurrentWare received Capterra's 2024 shortlist award
CurrentWare is certified Citrix Ready

CMMC Compliance Software

Protect CUI and elevate your cybersecurity maturity with CurrentWare’s security controls for the Cybersecurity Maturity Model Certification.

  • Control Removable Media & Other Peripherals
    Prevent the unauthorized use of high-risk portable storage devices and track allowed devices
  • Protect Controlled Unclassified Information
    Minimize the attack surface of in-scope endpoints
  • Auditable User Activity Logs
    Collect logs of user activity for signs of insider threats, account compromise, and other security risks
CurrentWare is verified Citrix Ready
CurrentWare awarded 'Easiest to Do Business With' by G2, fall 2024
CurrentWare received Capterra's 2024 shortlist award

Trusted by

NASA Logo
New York Department of Transportation Logo
VES Veterans Evaluation Services logo
United States House of Representatives logo
Viking Yachts Logo

& many more

Trusted by

United States House of Representatives logo
NASA Logo
VES Veteran Evaluation Services Logo
Viking Yachts Logo

& many more

CurrentWare’s Security Solutions for CMMC Compliance

Control the Use of Removable Media On System Components

  • Ensure only approved portable storage devices can be used on systems that interface with FCI & CUI
  • Disable wireless connections through Bluetooth devices, infrared, and WiFi
  • Block employees from using mobile devices, printers, and cameras to steal sensitive data

Related CMMC & NIST 800-171 Controls
CMMC MP.L2-3.8.7 Removable Media
CMMC AC.L2-3.1.18 Mobile Device Connection
CMMC CM.L2-3.4.6 Least Functionality
CMMC CM.L2-3.4.7 Nonessential Functionality

NIST SP 800-171 Rev 2 3.1.18
NIST SP 800-171 Rev 2 3.4.6 – 3.4.7

NIST SP 800-171 Rev 2 3.8.7

Device Blocking window Screenshot of CurrentWare's USB device control software AccessPatrol

Detect and Prevent High-Risk Data Transfers

  • Receive real time email alerts when employees violate your data security policies
  • Track the data flow of CUI for non-compliant behavior that needs to be addressed
  • Block file downloads/uploads based on file type to limit vectors for data egress

Related Controls
CMMC AC.L2-3.1.3 Control CUI Flow
CMMC AC.L1-3.1.2 Transaction & Function Control
CMMC AU.L2-3.3.1 System Auditing
CMMC AU.L2-3.3.2 User Accountability
CMMC AU.L2-3.3.6 Reduction & Reporting
CMMC CM.L2-3.4.6 Least Functionality

NIST SP 800-171 Rev 2 3.1.2 – 3.1.3
NIST SP 800-171 Rev 2 3.3.1 – 3.3.2
NIST SP 800-171 Rev 2 3.3.6
NIST SP 800-171 Rev 2 3.4.6

FAR Clause 52.204-21 b.1.ii

Monitor & Restrict the Resources Employees Access

  • Control access to websites, applications, TCP/UDP ports, and intranet portals to enforce the principle of least privilege
  • Apply deny-by-exception (blacklisting) policies to prevent the use of unauthorized software
  • Control and monitor user-installed software to detect shadow IT and other high-risk programs

Related Controls
CMMC AC.L2-3.1.5 Least Privilege
CMMC AC.L1-3.1.20 External Connections
CMMC AC.L1-3.1.2 Transaction & Function Control
CMMC CM.L2-3.4.6 Least Functionality
CMMC CM.L2-3.4.7 Nonessential Functionality
CMMC CM.L2-3.4.8 Application Execution Policy
CMMC CM.L2-3.4.9 User-Installed Software
CMMC SC.L2-3.13.6 Network Communication by Exception

NIST SP 800-171 Rev 2 3.1.2
NIST SP 800-171 Rev 2 3.1.5
NIST SP 800-171 Rev 2 3.1.20
NIST SP 800-171 Rev 2 3.4.6-3.4.9
NIST SP 800-171 Rev 2 3.13.6

FAR Clause 52.204-21 b.1.ii-iii

Blocked website warning message that says "Your IT administrator has prevented you from browsing this URL. Request access"
BrowseReporter app and website activity log with block status and time zone

Retain Logs of User Activity

  • Monitor privileged accounts to ensure they are not being used to access nonsecurity functions
  • Track web browsing, application usage, and file transfers to detect high-risk behavior
  • Create and retain audit logs to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity

Related Controls
CMMC AC.L2-3.1.6 Non-Privileged Account Use 
CMMC AU.L2-3.3.1 System Auditing
CMMC AU.L2-3.3.2 User Accountability
CMMC AU.L2-3.3.6 Reduction & Reporting
CMMC CM.L2-3.4.9 User-Installed Software 

NIST SP 800-171 Rev 2 3.1.6
NIST SP 800-171 Rev 2 3.3.1-3.3.2
NIST SP 800-171 Rev 2 3.3.6
NIST SP 800-171 Rev 2 3.4.9

CASE STUDY

Viking Yachts Stops Departing Employee From Stealing Intellectual Property

CurrentWare saved us a lot of time and money. If we didn’t have them we would have never known what was going on. I cannot thank them enough for this software; being able to audit removable drives is invaluable.

Tennessee College of Applied Technology

CMMC Compliance Requirements You Can Address With CurrentWare

Controls CurrentWare Modules & Features

AC.L2-3.1.3 Control CUI Flow – Control the flow of CUI in accordance with approved authorizations.

NIST SP 800-171 Rev 2 3.1.3

AccessPatrol | Data Loss Prevention

 

  • Prevent the use of unauthorized removable media devices
  • Monitor and restrict file transfers to removable media, websites, cloud storage, and applications

BrowseControl | Web Filter

  • Control data egress points by restricting the use of websites, TCP/UDP ports, and specific applications
  • Block file downloads/uploads based on file type
AC.L2-3.1.5 Least Privilege – Employ the principle of least privilege, including for specific security functions and privileged accounts.

NIST SP 800-171 Rev 2 3.1.5

AccessPatrol | Data Loss Prevention

 

  • Prevent the use of unauthorized removable media devices

BrowseControl | Web Filter

  • Restrict access to websites and intranet portals
AC.L2-3.1.6 Non-Privileged Account Use – Use non-privileged accounts or roles when accessing nonsecurity functions.

NIST SP 800-171 Rev 2 3.1.6

BrowseReporter | User Activity Monitoring

 

  • Get alerted when privileged accounts are used to access specific categories of websites
  • Monitor web browsing and application usage on privileged accounts for signs of misuse
AC.L2-3.1.9 Privacy & Security Notices – Provide privacy and security notices consistent with applicable CUI rules.

NIST SP 800-171 Rev 2 3.1.9

AccessPatrol | Data Loss Prevention

 

  • Provide warning messages to users every time a removable media device is inserted
AC.L2-3.1.18 Mobile Device Connection – Control connection of mobile devices.

NIST SP 800-171 Rev 2 3.1.18

AccessPatrol | Data Loss Prevention

 

  • Prevent mobile devices from connecting to computers via USB
  • Block the use of Bluetooth connections on computers
AC.L1-3.1.2 Transaction & Function Control – Limit information system access to the types of transactions and functions that authorized users are permitted to execute.

FAR Clause 52.204-21 b.1.ii

NIST SP 800-171 Rev 2 3.1.2

BrowseControl | Web Filter

 

  • Restrict access to websites and intranet portals
AC.L1-3.1.20 External Connections – Verify and control/limit connections to and use of external information systems.

FAR Clause 52.204-21 b.1.iii

NIST SP 800-171 Rev 2 3.1.20

BrowseControl | Web Filter

 

  • Restrict access to websites and intranet portals
Controls CurrentWare Modules & Features
AU.L2-3.3.1 System Auditing – Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.

NIST SP 800-171 Rev 2 3.3.1

AccessPatrol | Data Loss Prevention
  • Monitor file transfers to removable media, websites, cloud storage, and applications

BrowseReporter | User Activity Monitoring

  • Monitor web browsing and application usage

enPowerManager | Remote PC Power Manager

  • Maintain logs of employee logon/logoff times and system power events
AU.L2-3.3.2 User Accountability – Ensure that the actions of individual system users can be uniquely traced to those users, so they can be held accountable for their actions.

NIST SP 800-171 Rev 2 3.3.2

All CurrentWare modules distinguish between specific user accounts, ensuring that all user activity is attributable to specific users
AU.L2-3.3.5 Audit Correlation – Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity.

NIST SP 800-171 Rev 2 3.3.5

AccessPatrol | Data Loss Prevention
  • Monitor file transfers to removable media, websites, cloud storage, and applications

BrowseReporter | User Activity Monitoring

  • Monitor web browsing and application usage

enPowerManager | Remote PC Power Manager

  • Maintain logs of employee logon/logoff times and system power events
AU.L2-3.3.6 Reduction & Reporting – Provide audit record reduction and report generation to support on-demand analysis and reporting.

NIST SP 800-171 Rev 2 3.3.6

User activity data collected by CurrentWare can be exported as PDF or CSV reports
AU.L2-3.3.9 Audit Management – Limit management of audit logging functionality to a subset of privileged users.

NIST SP 800-171 Rev 2 3.3.9

With CurrentWare’s operator accounts you can ensure access to user activity data is protected behind unique admin accounts with two-factor authentication capabilities
Controls CurrentWare Modules & Features
CM.L2-3.4.1 System Baselining – Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles.

NIST SP 800-171 Rev 2 3.4.1

BrowseReporter | User Activity Monitoring
  • Monitor software usage for evidence of shadow IT
CM.L2-3.4.6 Least Functionality – Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities.

NIST SP 800-171 Rev 2 3.4.6

AccessPatrol | Data Loss Prevention
  • Prevent the use of removable media devices and other peripherals such as Bluetooth, WiFi, Scanners, and Printers
  • See what devices you can control with AccessPatrol

BrowseControl | Web Filter

  • Restrict which websites, applications, and TCP/UDP ports can be used
  • Prevent access to the internet
CM.L2-3.4.7 Nonessential Functionality – Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services.

NIST SP 800-171 Rev 2 3.4.7

AccessPatrol | Data Loss Prevention
  • Prevent the use of removable media devices and other peripherals such as Bluetooth, WiFi, Scanners, and Printers
  • See what devices you can control with AccessPatrol

BrowseControl | Web Filter

  • Restrict which websites, applications, and TCP/UDP ports can be used
  • Prevent access to the internet
CM.L2-3.4.8 Application Execution Policy – Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software or deny-all, permit-by-exception (whitelisting) policy to allow the execution of authorized software.

NIST SP 800-171 Rev 2 3.4.8

BrowseControl | Web Filter
  • Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software
CM.L2-3.4.9 User-Installed Software – Control and monitor user-installed software.

NIST SP 800-171 Rev 2 3.4.9

AccessPatrol | Data Loss Prevention
  • Monitor file transfers over user-installed software

BrowseControl | Web Filter

  • Apply deny-by-exception (blacklisting) policy to prevent the use of unauthorized software

BrowseReporter | User Activity Monitoring

  • Monitor software usage for evidence of shadow IT
Controls CurrentWare Modules & Features
AT.L2-3.2.1 Role-Based Risk Awareness – Ensure that managers, systems administrators, and users of organizational systems are made aware of the security risks associated with their activities and of the applicable policies, standards, and procedures related to the security of those systems.

NIST SP 800-171 Rev 2 3.2.1

AccessPatrol | Data Loss Prevention
  • Provide warning messages to users every time a removable media device is inserted

BrowseControl | Web Filter

  • Redirect users away from blocked websites to a policy reminder landing page
Controls CurrentWare Modules & Features

MP.L2-3.8.7 Removable Media – Control the use of removable media on system components.

NIST SP 800-171 Rev 2 3.8.7

AccessPatrol | Data Loss Prevention

 

  • Prevent the use of unauthorized removable media
  • Allow the use of pre-approved removable media (whitelist)
  • Prevent the transfer of files based on file name and keyword
  • Retain logs of all removable media devices used on managed systems

MP.L2-3.8.8 Shared Media – Prohibit the use of portable storage devices when such devices have no identifiable owner.

NIST SP 800-171 Rev 2 3.8.8

AccessPatrol | Data Loss Prevention

  • Prevent the use of unauthorized removable media
Controls CurrentWare Modules & Features
SC.L2-3.13.6 Network Communication by Exception – Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).

NIST SP 800-171 Rev 2 3.13.6

BrowseControl | Web Filter
  • Restrict the use of TCP/UDP ports
  • Limit internet access to pre-approved websites and portals (URL whitelisting)
SC.L2-3.13.14 Voice over Internet Protocol – Control and monitor the use of Voice over Internet Protocol (VoIP) technologies.

NIST SP 800-171 Rev 2 3.13.14

BrowseControl | Web Filter
  • Restrict the use of TCP/UDP ports
  • Block access to known VoIP technologies (URL & application blacklists)
  • Limit internet access to pre-approved websites and portals (URL whitelisting)

BrowseReporter | User Activity Monitoring

  • Track URLs and applications accessed

CASE STUDY

Boston Centerless Scales Production & Secures Their Remote Workforce

CurrentWare has been nothing but supportive of us since we started. This is probably one of the best systems that we’ve ever invested in.

Once we got CurrentWare installed it opened the door for remote work for us; we could control the equipment and make sure our people were being productive and safe.

It’s easy to overlook the threat that can arise from within the company, especially when devices are being taken off site. The damage that data breaches can cause is enormous!

See What Our Customers Have to Say

This software helps us to achieve compliance with industry and government requirements with respect to controlling the use of removable storage media. It fits the bill perfectly.

Matthew W, Project Manager
Aviation & Aerospace Industry, 11-50 employees

In my nearly 40 years in the IT business I’ve worked with a lot of support teams. I really appreciate CurrentWare going the extra mile to help me get the most out of the product. They’ve definitely outweighed any of the other competitors that I’ve looked at.

J.S, Managed Services Provider
Vehicle Dealership, 150-200 Employees

The reports are very easy to understand and the fact that they can be emailed to you on a schedule is amazing... Customer support has been fantastic every time I've had to reach out to them; I highly recommend them!

Kristen S, Associate IT Director
The Coding Network, 700+ Employees

We have experienced data leaks by dishonest employees in the past and AccessPatrol has helped us avoid them and work with greater security and peace of mind for us and our customers.

Julio V, Head of Information Technology
Financial Services Industry, 10,001+ employees

Free removable media policy template from CurrentWare

FREE DOWNLOAD
Removable Media Policy Template 

Download this data security policy template to prevent data leakage to USB flash drives and other removable storage devices.

  • Set data security standards for portable storage
  • Define the acceptable use of removable media
  • Inform your users about their security responsibilities

CurrentWare's Key Features

Internet Off

User Activity Monitoring

Track web browsing, software use, search queries, and more

Remote Screen Capture

Screenshot Monitoring

Take automatic screenshots or remotely view desktops

Application Blocker

Track Software Usage

Get insights into software usage trends in your organization

Stealth

Transparent & Stealth Modes

Run silently in the background or provide notice of monitoring

Block USB

Block USB & Other Devices

Set full access, read only or no access on storage devices

Allowed List

Device Whitelist

Allow only authorized storage devices to be used

Block Files

Block File Transfers

Prevent files from being transferred to portable storage

Reports

DLP Activity Reports

Track file transfers, storage device use, file operations, and more

Internet Off

Block Websites

Block websites based on
URLs & content categories

Download Filter
Block Downloads/Uploads

Prevent uploading and downloading based on file type

Application Blocker
Application Blacklisting

Block specific Windows
applications from launching

Internet Off

PC Power Management

Remotely track and control PC power states

Internet Off

Central Web Console

Save time with a central admin console; optionally integrate Active
Directory OUs or security groups

Internet Off

Platform Security

Protect your CurrentWare console
with 2FA, passwords, privilege
management, and more

Internet Off

Offsite Management

Extend onsite security policies to computers running outside the corporate network

Internet Off

SQL Server Supported

Database scaled for enterprise and
large business operations using
Microsoft SQL Server

CurrentWare

Get Started Today
With a Free Trial

Fully functional. Easy to use. Install in minutes.

Learn How to Meet These Compliance Requirements With CurrentWare

NERC CIP

Protect TCAs & BCSI From Insider Threats

Learn More

ISO 27001

Increase the Maturity of Your ISO27K ISMS

Learn More

NIST logo

NIST 800-171/53

Protect Controlled Unclassified Information

Learn More

CIPA for Education

Qualify for the FCC’s
E-Rate Program

Learn More

Cyber Essentials

Critical Security Controls For Your Assessment

Learn More

Cybersecurity Maturity Model Certification CMMC Logo

CMMC

Protect CUI to qualify for DoD contracts

Learn More

CurrentWare logo

Try CurrentWare for Free

Fully functional. Easy to use. $5 USD user/month, discounts available