Would you like to test Security.Desk free of charge?
Control all interfaces
Security.Desk recognizes automatically, if a removable device gets connected via USB, FireWire or a CD or SD memory card gets inserted. You define what happens next: block data transfer completely, allow only reading rights to the user or record all data transfers from and to the external device. Additionally, you can enable encrypted writing on the external medium.
Security.Desk monitors hardware interfaces and internet protocols at the terminal.
Whitelists – unblocking only from certain storage media (limited in time possible)
With the help of the “whitelist”, you can exclude certain devices from the use ban. They regulate individually whether only a special device with a serial number or a specific device type is to be released.
You can only release devices for a specific time interval (from/to) or from or to a specific point in time. In addition, the file protocol (including file type checking) for a device in the whitelist can be explicitly turned on or off.
You can define a whitelist per OU, per group, per user and globally.
Blacklists – Block file types and prevent software applications
Blacklists for file types govern that files of certain types (e.g., exe files) are not inserted or stolen from the network, even though they are e.g. embedded in Office files. The signature of the respective file is checked by Security.Desk when copying, so that such files are blocked, even if the user should rename the files.
You can also prevent the execution of unwanted programs (such as burning software, games, etc.) on the target devices.
The blacklist mobile storage file types are also fully supported on thin clients for RDP and Citrix.
The fully interactive dashboard always shows at a glance the current status of Endpoint Security in your network and enables detailed analysis options for your data.
Cake and bar charts inform you how your clients’ protection status is currently, and how much mobile storage is currently being used on your clients.
The top-client and top-user presentation show you immediately to which clients or from which users mobile memory are conspicuously often used. In addition, the dashboard includes various histories about the use of mobile storage and file movement from and to mobile storage.
In addition, the dashboard offers intuitive drill-down options that allow you to gain deeper insights into the respective data situation of a key figure in the form of prefiltered standard reports.
Clear overview and detailed reporting
Security.Desk gives you an up-to-date overview of the use of e. external storage media per user and computer in your network. In doing so, you automatically increase the security of your vital company data and your system stability. If you log accesses to the hardware interfaces, you can use detailed reports at any time to understand who, when, what action has been taken. The system is also able to email you about the actions of your users at the interfaces of the terminals. Rights are assigned to devices, users, groups or organizational unit (OU) level.
The device permissions for the users can be conveniently set according to their groups or OUs from the Active Directory or individually for the individual user account. Even in offline mode, the individual account permissions remain stored for the logged-in user.
Protection against BadUSB
From version 5.1 Security.Desk offers optimal protection against memory sticks with manipulated firmware (BadUSB). These log in secretly as a mouse, keyboard or network card on the computer and then allow remote control or external use of the affected systems. Security.Desk prevents this attack by controlling USB input devices (mouse and keyboard) as well as network adapters connected to the PC.
If the device is already known and confirmed as non-hazardous, it will be automatically approved. However, if it is an unknown device, a dialog box will appear indicating the newly detected device. If this is accepted by the user, Security.Desk saves the share. However, if it is a compromised USB stick, e.g. as a keyboard or mouse outputs, then this can be blocked directly by the user.
Security.Desk records all user decisions related to input device shares. This gives the administration a valuable overview of the use of connected input devices and network adapters at the end devices in the network.
With Security.Desk mobile users can also be granted temporary user rights for the interfaces via code remote activation, even if the notebooks are disconnected from the network.
Protection against manipulation
The security service of the target clients cannot be affected or stopped by the local administrator.
In addition, you can use Security.Desk to encrypt files using the AES method. You can conveniently download one or more files via the context menu of Windows Explorer with FCS CryptMe! encrypt or decrypt.
Your benefits at a glance
- Active Directory integration
- Rights assignment: allow, read-only, prohibit – separated by HW interface – per user, group, OU & device
- Log of file movement to and from removable media
- Block reading or writing of certain file types from or to removable storage
- Detection of forbidden “embedded files” in Office files
- Monitor file movement of local drives to thin clients
- Clear central control station for compliance management, service distribution and reporting
- Free supplement to supervising USB device types
- Whitelist for specific devices (by ID) or device types
- Blacklist software applications
- Temporary activation of offline computers via an access code
- Alarm via e-mail or tray icon
- Security service cannot be stopped
- Integration with Store O’Crypt (AES 256 hardware encrypted USB stick from FCS)
- Flash Reminder – reminds you when logging out of your PC, if there are any removable media devices connected to the computer
- Protection against BadUSB (memory sticks with manipulated firmware) through the control of input devices (mouse and keyboard) as well as network adapters
- For each client, the BIOS information as well as the data of the logical drives including capacity (total / occupied / free) are now read out and displayed
- The data of the logical drives of the clients are read out together with the “BitLocker” status
- From now on you know by the BIOS information in Security.Desk per device or by a report whether or not these clients have “UEFI Secure Boot” enabled
- Terminal Server: Monitor local drive file movement to thin clients in remote session of Windows Terminal Server, Windows Server 2016 RDS, Citrix MetaFrame, or Citrix XenApp.
- Network protocol: File protocol for all popular Internet protocols.
The price of Security.Desk depends on the number of clients are monitored and on which additional components are used. For an individual offer, please contact us directly.