The Honeywell Secure Media Exchange (SMX) is the next step to protecting your system against USB-based attacks. USBs are one of the largest vectors for cyber attacks in industrial settings, and many traditional solutions (on-device antivirus, locking down USB ports, application whitelisting) are circumvented by modern exploits. The SMX acts as a gateway between your system and outside physical media. Once installed on your organisation’s system, the SMX will require any external USB devices to be scanned before they are usable by devices on your system. In fact, the SMX can be configured to require verification for USB devices of any kind, circumventing special USB attacks such as ‘rubber ducks’ or ‘BadUSB’.
In addition, the SMX can also protect the theft of your organisation’s data via USB through an included ‘check-in’ and ‘check-out’ system.
How It Works – A Step-by-Step Process
The SMX can quickly scan and secure external USBs through a series of simple steps:
- First, an external USB device must be plugged into the SMX for scanning. If a USB device has not been verified by the SMX, all system devices with the SMX software installed will not be able to access the USB device
- The SMX will scan the USB device for known attacks. If no malware is found, the USB device will be ‘registered’ and can now be used on local devices
- If malware is found, the SMX will ‘quarantine’ the malware on the device, making it unusable. If the malware can be quarantined while keeping the usability of the USB device, the device can still be ‘registered’ and used after quarantining has occurred.
- The SMX can additionally be configured to be obfuscated while ‘checked-in’ to your organisation. With this setting, all USBs checked-in to the system will be modified in such a way that they are only readable by devices within the system – outside devices will not be able to read the data on the USB.
- The USB may only be used externally once it has been ‘checked-out’ by the SMX, a process that can be monitored to detect any theft of data.