08/09/2021 – Product overview: secRMM is a Windows security solution that audits and controls access to removable storage devices (i.e. USB drives and mobile devices). secRMM is very easy to implement in that it can operate on a standalone Windows computer (even XP!) or can be centrally managed for thousands of computers. It can be configured to have security policies for computers and/or groups of users.
Article details: The ‘secRMM Policy Configurator’ program makes it easy for you to use one ‘User Interface’ (UI) program regardless of the way you want to deploy the ‘USB security policies’ to your endpoint computers. Even if you have computers that are on an isolated network (the popular computer phrase for this is ‘air-gapped’). This is common in highly classified environments where the computers may be running in a ‘sensitive compartmented information facility’ (SCIF). Or even if you have completely standalone computers (i.e no network connection).
The ‘secRMM Policy Configurator’ supports (today) 4 different modes:
1. Microsoft SCCM (also called: Microsoft Endpoint Configuration Manager (MECM))
Microsoft calls this the on-premise solution.
Please note the secRMM also has a fully integrated ‘SCCM Console Extension’ so that you can deploy, configure, report and view ‘live dashboard charts’ from right within the SCCM console.
Which User Interface you use (or both!) is entirely up to you.
2. Microsoft Intune (also called: Endpoint Manager)
Microsoft calls this the cloud solution.
3. Microsoft Active Directory Group Policy Objects (AD GPO)
This is another on-premise solution from Microsoft.
This is the term we chose to call when you are operating in an air-gapped or standalone computer mode.
As you can see from the screenshots above, each mode has a slightly different set of properties that are required to utilize the mode. The ‘secRMM Policy Configurator’ handles the differences between the modes so that when you are creating, editing or deleting a USB security policy, it always looks just the same, regardless of the mode. You can see the common editor in the screenshot below.
If you would like to use the ‘secRMM Policy Configurator’ support, you can download it from the Squadra Technologies web site:
www.squadratechnologies.com->software->secRMM->Download->Optional Downloads->secRMM Policy Configurator as shown in the screenshot below.
Closing: We hope you find this tool useful for your environment(s). Please let us know what you think or if you have a requirement for a different environment/framework. You can get more details about secRMM by visiting https://www.squadratechnologies.com.