Incorporate data security into your runbooks/workflows. “Security Removable Media Manager” (secRMM) monitors (into the Windows Security Event Log) and controls (i.e. implements security rules/policies) access to external storage devices. External storage devices in this context means any type of storage device that can be attached to the Windows computer using plug-and-play technology. Specifically, this includes external hard drives, usb sticks, SDCards, CD/DVD, smart phones and tablets.
An example scenario of Orchestrator and secRMM combined is a weekly backup for a particular department. At the start of the backup window, Orchestrator can call secRMM to allow files to be written to a particular external hard drive that has a specific serial number. It can also indicate the specific directory as the source of the backup. Once the backup terminates, Orchestrator can call secRMM to “lock down” access to removable media.
Removable Media security is a very important topic. USB attached devices (especially smart phones and tablets [BYOD]) is a subject that is overshadowed by MDM but it is actually the easiest way for a complete end-user to take valuable and/or sensitive data from the corporation without anyone knowing that it happened. secRMM solves this problem.