Contact an.


 Would you like to test Security.Desk free of charge? 

Endpoint Security


Control all interfaces

Security.Desk recognizes automatically, if a removable device gets connected via USB, FireWire or a CD or SD memory card gets inserted. You define what happens next: block data transfer completely, allow only reading rights to the user or record all data transfers from and to the external device. Additionally, you can enable encrypted writing on the external medium.

Security.Desk monitors hardware interfaces and internet protocols at the terminal.


Whitelists – unblocking only from certain storage media (limited in time possible)

With the help of the “whitelist”, you can exclude certain devices from the use ban. They regulate individually whether only a special device with a serial number or a specific device type is to be released.
ou can only release devices for a specific time interval (from/to) or from or to a specific point in time. In addition, the file protocol (including file type checking) for a device in the whitelist can be explicitly turned on or off.

You can define a whitelist per OU, per group, per user and globally.

Blacklists – Block file types and prevent software applications

Blacklists for file types govern that files of certain types (e.g., exe files) are not inserted or stolen from the network, even though they are e.g. embedded in Office files. The signature of the respective file is checked by Security.Desk when copying, so that such files are blocked, even if the user should rename the files.

You can also prevent the execution of unwanted programs (such as burning software, games, etc.) on the target devices.

The blacklist mobile storage file types are also fully supported on thin clients for RDP and Citrix.

Interactive Dashboard

The fully interactive dashboard always shows at a glance the current status of Endpoint Security in your network and enables detailed analysis options for your data.

Cake and bar charts inform you how your clients’ protection status is currently, and how much mobile storage is currently being used on your clients.
The top-client and top-user presentation show you immediately to which clients or from which users mobile memory are conspicuously often used. In addition, the dashboard includes various histories about the use of mobile storage and file movement from and to mobile storage.
In addition, the dashboard offers intuitive drill-down options that allow you to gain deeper insights into the respective data situation of a key figure in the form of prefiltered standard reports.

Detailed reporting and rights management at all levels

Security.Desk gives you an up-to-date overview of the use of e. external storage media per user and computer in your network. In doing so, you automatically increase the security of your vitWith Security.Desk you always get an up-to-date overview of the use of e.g. external storage media per user and computer in your network. You automatically increase the security of your vital company data and your system stability. If you log the accesses to the hardware interfaces, you can track who, when and which action was taken at any time by means of detailed reports.
All standard reports can be time-controlled, filtered and grouped according to your own templates, generated and sent by e-mail.
The system is also able to inform you about the actions of your users at the interfaces of the end devices by email. Rights are assigned a device, user, group or organizational unit (OU) level.
The device authorizations for the users can be conveniently defined according to their groups or OUs from the Active Directory or individually for the individual user account. Even in offline mode, the individual account authorizations for the logged in user remain stored.

Protection against BadUSB

From version 5.1 Security.Desk offers optimal protection against memory sticks with manipulated firmware (BadUSB). These log in secretly as a mouse, keyboard or network card on the computer and then allow remote control or external use of the affected systems. Security.Desk prevents this attack by controlling USB input devices (mouse and keyboard) as well as network adapters connected to the PC.
If the device is already known and confirmed as non-hazardous, it will be automatically approved. However, if it is an unknown device, a dialog box will appear indicating the newly detected device. If this is accepted by the user, Security.Desk saves the share. However, if it is a compromised USB stick, e.g. as a keyboard or mouse outputs, then this can be blocked directly by the user.
Security.Desk records all user decisions related to input device shares. This gives the administration a valuable overview of the use of connected input devices and network adapters at the end devices in the network.

Temporary releases

With Security.Desk mobile users can also be granted temporary user rights for the interfaces via code remote activation, even if the notebooks are disconnected from the network.

Protection against manipulation

The security service of the target clients cannot be affected or stopped by the local administrator.

File encryption

In addition, you can use Security.Desk to encrypt files using the AES method. You can conveniently download one or more files via the context menu of Windows Explorer with FCS CryptMe! encrypt or decrypt.

Your benefits at a glance

  • Active Directory integration
  • Rights assignment: allow, read-only, prohibit – separated by HW interface – per user, group, OU & device
  • Log of file movement to and from removable media
  • Block reading or writing of certain file types from or to removable storage
  • Detection of forbidden “embedded files” in Office files
  • Monitor file movement of local drives to thin clients
  • Clear central control station for compliance management, service distribution and reporting
  • Free supplement to supervising USB device types
  • Whitelist for specific devices (by ID) or device types
  • Blacklist software applications
  • Temporary activation of offline computers via an access code
  • Alarm via e-mail or tray icon
  • Security service cannot be stopped
  • Integration with Store O’Crypt (AES 256 hardware encrypted USB stick from FCS)
  • Flash Reminder – reminds you when logging out of your PC, if there are any removable media devices connected to the computer
  • Protection against BadUSB (memory sticks with manipulated firmware) through the control of input devices (mouse and keyboard) as well as network adapters
  • For each client, the BIOS information as well as the data of the logical drives including capacity (total / occupied / free) are now read out and displayed
  • The data of the logical drives of the clients are read out together with the “BitLocker” status
  • Security.Desk now displays complete data on the client operating system (version, release, build number, service pack, etc.).
  • You can see from the BIOS information in Security.Desk per device or from a report whether “UEFI Secure Boot” is activated or not on these clients.
  • Windows update options and status per computer as well as information about the Windows Update Server

Additional modules

  • Terminal Server: Monitor local drive file movement to thin clients in remote session of Windows Terminal Server, Windows Server 2016 RDS, Citrix MetaFrame, or Citrix XenApp.
  • Network protocol: File protocol for all popular Internet protocols.
  • Active Directory Loader: Connection to the AD for Admin-Single-Sign-On and administration of complex company structures (see also Security.Desk Enterprise Edition).

Large company? Complex network?

The new Security.Desk Enterprise Edition: import OUs and groups, assign clients automatically, assign access rights by units and log on with Single Sign-On.

With the Enterprise Edition, Security.Desk is directly connected to the Active Directory.

Different profiles for the transfer of OUs and groups from the Active Directory can be defined easily and conveniently. A time control enables a periodic comparison of the Active Directory with Security.Desk. New clients are automatically assigned to the appropriate profile (e.g. a location or a department). From the OU structure in the Active Directory, the system optionally creates groups in the manager tree.

The coupling with the Active Directory enables the Single Sign-On for Security Desk Admins and facilitates the assignment of rights on an AD basis as well as the faster retrieval of certain groups and OUs in the Active Directory. The access rules via interfaces on PCs and / or thin clients in complex company structures can thus be managed much more effectively centrally and decentrally.

The price of Security.Desk depends on the number of clients are monitored and on which additional components are used. For an individual offer, please contact us directly.

Start typing and press Enter to search