USB Device Management


USB devices present a potential cyber security threat to a company, as they may contain malware or be involved in data leaks. For this reason, these devices are frequently prohibited by corporate security policies. A total USB device ban (which sometimes includes disabling USB ports on corporate laptops) however, has become rather outdated and can hardly be practically implemented in a modern company. With bring-your-own-device (BYOD) policies becoming increasingly popular, it’s crucial to be able to monitor and block USB devices in your system.


Ekran System® provides software-based USB blocking functionality as an important addition to user activity monitoring and access management. Unlike hardware USB port blockers, Ekran System gives you smart and adjustable USB blocking solutions.



How it works


USB device management starts with configuring the rules to monitor and block USB devices of different types: mass storage devices, modems, human interface devices (HIDs), video devices, etc. You can assign different USB device management rules to different clients and client groups.


Using these rules, you can:

  • Monitor connected USB devices. When a device of a specified class is connected to a monitored endpoint, all of its details will be logged together with all other user activity that is normally recordred.

  • Control access to USB devices. Upon connection, an employee has to justify why he/she needs to use this device. An administrator can then manually grant or deny access based on the user’s justification. This feature makes the USB blocking policy more convenient to use.

  • Alert when USB devices are connected. When a potentially dangerous type of deviсe is connected, your security personnel will receive a real-time alert by email or tray notification.

  • Block connected USB devices. When a device of a prohibited type is connected, it will be completely blocked and the user can be notified about this with a custom pop-up message.



Unlike other monitoring solutions, Ekran System logs connections to all types of USB devices, not only USB mass storage devices. Coupled with user monitoring functionality, USB device management provides you with full visibility into potential data breaches and insider attacks via USB devices.


To complement USB device blacklisting, Ekran System provides:

  • Whitelisting functionality and an exception list where you can specify USB devices by hardware ID, vendor ID, and other parameters.
  • Information on monitored USB devices in the indexed session video logs.
  • Ability to grant selective access to USB devices based on its necessity.
  • Real-time alerts and notifications with a link to an online video of the suspicious event.
  • USB reports containing USB blocking events during the reporting period and details on the blocked USB devices.




When to use USB device management®


USB device management is an important part of insider threat protection. Adding it to your organization’s cyber security infrastructure allows you to:

  • Implement a bring your own device policy, saving money on corporate devices and the time your IT department spends configuring them.

  • Control data movement in your infrastructure, protecting sensitive data from leakage or misuse through an employee’s personal USB device.

  • Protect your infrastructure against malware, viruses, encryption worms, and other dangers lurking on infected USB devices.

Why choose Ekran System®


Ekran System is a complex insider threat protection platform that provides you with much more than simple USB device management. Coupled with robust access and identity management functionality, it ensures that you know of any suspicious action within the protected perimeter along with the context of that action. Let’s consider its benefits:

  • Easy deployment despite the size. Ekran System is designed for rollouts to thousands of endpoints, making it suitable for organizations of any size.

  • A robust insider threat management toolset in one piece of software. While major vendors offer separate solutions for each different functionality, Ekran System combines monitoring, IAM, alerting, keylogging, USB management, and other features. Deploying a single solution also means you won't risk conflicts with your existing cybersecurity system.

  • Flexible endpoint licensing enables license reassignment within minutes. This is especially useful for monitoring virtual desktops.

  • 24/7 technical support. Ekran System is easy to deploy and maintain, but in case you have any issues, you can always contact our Support team.

Check out our free trial or contact us for more information!