04/20/2022 – Product/company overview: secRMM is a Windows security solution that audits and controls access to removable storage devices (i.e. USB drives and mobile devices). secRMM is very easy to implement in that it can operate on a standalone Windows computer (even XP!) or can be centrally managed for thousands of computers (using MECM/SCCM/ConfigMgr, Intune, Active Directory GPOs or WinRM). It can be configured to have security policies for computers and/or groups of users.
secRMM is developed by Squadra Technologies. Squadra Technologies is a Microsoft “Independent Software Developer” (ISV) and a member of the “Microsoft Intelligent Security Association” (MISA).
Article details: This is one of those blogs where I am feeling stupid because I know when all the ConfigMgr folks read this, they are going to be thinking “DUH, why didn’t you do this 4-5 years ago?”. And yes, I agree with them, all I can say is better late than never! 😊 So what are we talking about then?
In the newest version of the ‘secRMM SCCM Console Extension’ (version 220.127.116.11), it now generates a security event (in SCCM speak, a status message) whenever a ‘Removable Media Policy’ gets created, modified or deleted. The security event contains the userid, computer (where they are running the SCCM console), policy name/revision# and the version of the ‘secRMM SCCM Console Extension’. We also updated the ‘Removable Media Policy Administration’ report to show these security events. Below are screenshots to map to the words above.
Closing: We hope you find this new secRMM feature useful for your environment(s). Please let us know what you think or if you have a specific requirement for your environment. You can get more details about secRMM by visiting https://www.squadratechnologies.com.