14.4 Removable Storage Categories
To effectively manage the use of removable storage within the organization, all removable drives must first be categorized in the storage repository. Administrators can group drives by department or individual use and assign different permissions to each category to prevent data leaks.
Removable drives are classified as encrypted or unencrypted (standard). Encrypted drives are secured by our product and can only be used on client machines with the client installed. Machines without the client cannot access these drives. Encrypted drives can only be created via the console.
Removable drives can be registered and managed. By navigating to Category Management → Removable Storage, administrators can open the removable storage window. The system provides two default categories: Registered and Unregistered. All newly acquired drives are placed under Unregistered. Once registered, drives move to the Registered category. Administrators can manually create new categories under Registered, but not under Unregistered.
Methods for acquiring removable storage information:
| Method |
Description |
| Client Acquisition |
All drives used on client machines are initially placed under Unclassified. Administrators can move them into custom categories. |
| Console Acquisition |
Administrators can insert removable drives directly into the console machine to add their information. Navigate to Operation → Local Removable Storage Info to view inserted drives. Drives marked with " " indicate they have not yet been saved in the storage repository. |
Local Removable Storage Operations
| Icon |
Description |
 |
Manually refresh the local removable storage list. |
 |
Newly inserted drives are initially placed under Unclassified. Click this button to assign the drive to another category. |
 |
Safely eject locally inserted encrypted drives. |
 |
Modify the volume serial number of the local removable storage device. |
 |
Save the removable storage information to the category repository. |
 |
Click to access related operations for the removable device. |
| Set Storage Category |
Newly inserted drives are initially placed under Unclassified. Click this button to assign the drive to another category. |
| Format as Unencrypted |
Convert an encrypted drive into an unencrypted (standard) drive. |
| Format as Encrypted |
Convert an unencrypted drive into an encrypted drive. |
| Initialize Secure USB |
Initialize the secure USB interaction area. You will be prompted to reset the password, and all existing files in the interaction area will be erased. |
| Safely Eject |
Safely eject a locally inserted encrypted drive. |
| Set Volume Serial Number |
Modify the volume serial number of the local removable storage device. |
| View Interaction Logs |
View interaction area logs on the secure USB that have not yet been uploaded. |
 |
Removable Storage Registration and Management Operations |
| Register |
Register a removable drive. |
| Unregister |
Unregister a previously registered removable drive. |
| Cancel Loss Report |
Cancel the loss report for a drive that was marked as missing. |
| Modify Registration Info |
Edit the registration information of a removable drive. |
Creating an Encrypted Drive
Administrators can create encrypted drives by inserting the drives sequentially into the console machine. To do this, navigate to Category Management → Removable Storage to open the storage repository, then go to Operation → Local Removable Storage Info to view the list of local drives.
Click the "
" button to format a standard removable drive into an encrypted drive. During formatting, you can choose the file system for the encrypted drive (FAT32/NTFS). All existing files on the drive will be deleted, and the drive can only be used on machines with the AnySecura client installed. Administrators should confirm before proceeding with the format.
After successful formatting, the icon changes to "
" , indicating the drive is now encrypted but not yet saved. Clicking the Save button updates the icon to "
" , confirming it is saved in the repository.
Note
- By default, encrypted drives cannot be used on clients. A removable storage permission policy with Read and Write enabled must be configured on the client for the drive to be accessible.
Formatting an Encrypted Drive to Unencrypted
Administrators can convert an encrypted drive back to a standard (unencrypted) drive using two methods:
Manual formatting on a machine without the client installed
- An encrypted drive works normally on client machines, but when inserted into a machine without the AnySecura client, it will prompt for formatting. Selecting Yes will manually format the drive to unencrypted, deleting all files.
- For organizations with strict policies, employees should be warned that manual formatting will permanently remove encryption.
Formatting via the console
Insert the encrypted drive into the console machine, open the removable storage repository, and view Local Removable Storage Info to locate the drive.
Select the encrypted drive and click the "
" button to format it as unencrypted. After successful formatting, the drive's icon reverts to "" , and its serial number changes, requiring a save.
Encrypted drives cannot be safely ejected via standard Windows plug-and-play. To safely remove, click the Eject button in the interface.
Notes
- On client machines, right-click the encrypted drive and select Eject device to safely remove it.
- Mobile phone storage cannot be formatted as an encrypted drive.
Registration Control
By default, mobile storage registration control is disabled. To enable it:
- Go to Category Management > Mobile Storage to open the mobile storage window.
- Select Operation > Registration Control, check Enable, and configure the inclusion/exclusion scope and whether to display warning messages.
Once enabled, only registered mobile storage devices with a "Normal" status can be used on clients within the configured scope. Unregistered, lost, expired, or deactivated devices will be blocked.
During registration, you can enter relevant device details and assign it to a category (default: "Registered").
There are two ways to register a mobile storage device:
Local Registration
- Insert the mobile storage device into the console computer.
- Open the Mobile Storage Repository and select Operation > Local Mobile Storage Information to view the device details.
- Select the mobile storage device, click the "Register" icon "" button to register it, then click the "Save" icon "" button to save.
Remote Registration
- Insert the mobile storage device into the remote client computer.
- Through the console, open the Mobile Storage Repository and select Operation > Remote Mobile Storage Information.
- Select the remote client where the device is inserted to view its details.
- Select the mobile storage device, click the "Register" icon "" button to register it, then click the "Save" icon "" button to save.
Additional operations for the icon button"":
| Operation Name |
Description |
| Deregister |
For registered mobile storage devices that are no longer in use. Deregistered devices will become unavailable on clients and will be automatically moved to the "Unregistered" category. |
| Report Loss |
For registered mobile storage devices that have been lost. Reported devices will become unavailable on clients while remaining in their original group. |
| Cancel Loss Report |
For lost devices that have been recovered. This operation restores normal functionality to the device on clients. |
| Modify Registration |
Allows editing of device information such as device name and serial number that was entered during registration. |
Removable Storage Attributes
Removable storage devices include USB drives, external hard drives, memory sticks, smart cards, and other portable devices. The attributes of a removable storage device are as follows:
| Attribute |
Description |
| UDiskID |
A unique identifier for each removable device. This ID does not change after formatting. |
| Volume Serial Number |
The serial number of the device. It may change after formatting. |
| Device Description |
Descriptive information about the device. |
| Remarks |
Notes for easy identification, such as user or asset number. Default is empty. Right-click Modify Remarks to add. |
| Capacity |
The total storage capacity of the device. |
| Partition Format |
The file system format, typically FAT, FAT32, or NTFS. |
| Type |
Indicates whether the device is encrypted. Empty means unencrypted. |
| Volume Label |
The drive's volume label. |
| First Registration Time |
The first time the device was registered. |
| Expiration Time |
The expiration time set during registration. |
| Status |
The registration status of the device:
- 1. Normal – Registered drive
- 2. Unregistered – Unregistered via operation
- 3. Lost – Reported lost
- 4. Expired – Passed the set validity period
- 5. Not registered: a mobile storage device that has not been registered before.
|
| Last Operation Time |
The last time the device was used (inserted or removed). |
| Last Used Computer |
The client machine that last used the device. |
| Count |
The number of identification entries recognized as this device under the current rules. Right-click Properties to view detailed identification info. |
| Device Name |
Name of the removable storage device. |
| Device Number |
Identifier number of the device. |
| Department |
Department that owns the device. |
| User |
Name of the device's user. |
| Position |
Job position of the user. |
| Contact |
Contact information of the user. |
| Employee ID |
Employee number of the user. |
| Last Modified Time |
The last time the device registration information was updated. |
| Usage Details |
Double-click a device to view detailed attributes. Click View Usage or right-click a record and select View Usage to check the usage scope of the device. |
Identification Rules
Navigate to Category Management → Removable Storage to open the storage repository, then go to Operation → Identification Rules to configure removable storage identification rules. Currently, two methods are supported: UDiskID and Volume Serial Number.
By default, UDiskID is used as the matching rule. If multiple devices share the same UDiskID, those UDiskIDs can be designated as invalid UDiskIDs in the identification rules. Devices with invalid UDiskIDs will then use the Volume Serial Number for identification.
Administrators can specify one or more UDiskIDs as invalid by entering their full values, using ";" or "," as separators. Alternatively, all UDiskIDs can be set as invalid, forcing all devices to be identified solely by their Volume Serial Number.
Search
The removable storage repository offers multiple search criteria to help administrators quickly locate the required device information. Open the search dialog by selecting File → Search or clicking the Search button "
" on the toolbar.
| Search Criteria |
Description |
| UDiskID |
Search by UDiskID. Enter a specific UDiskID; partial matches are supported. |
| Volume Serial Number |
Search by volume serial number. Must enter the full serial number; partial matches are not supported. |
| Category |
Default is All Categories, but specific categories can be selected for the search. |
| Description |
Search by device description. Partial matches are supported (e.g., entering "usb" will return devices whose description contains "usb"). |
| Volume Label |
If left empty, all labels are included. Enter a label (e.g., "h") to filter by that label. |
| Encryption Type |
Default is All Types. Can filter by encrypted or unencrypted drives. |
| Partition Format |
Search by partition format (e.g., enter NTFS to find all drives with NTFS format). |
| Remarks |
Search by remarks. Partial matches are supported. |
| Capacity |
Set a capacity range to search by the drive's storage size. |
| Last Used Time |
Set a time range to search by the drive's last usage. |
| Registration Validity |
Set a time range to search by the drive's registration validity period. |
| Registration Status |
Default is All Statuses, but specific statuses can be selected. |
| Keyword |
Search in registration info and remarks. Supports partial matches. |
Administrators can combine multiple search criteria for more precise results. The search results display the category of each removable drive, and administrators can drag and drop drives into the desired category.
Status Statistics
In the removable storage repository, navigate to Operation → Status Statistics to view the registration and usage status of all drives.
Importing and Exporting the Removable Storage Repository
To export the entire repository, select Operation → Export Removable Storage Repository.
To import a previously exported repository, select Operation → Import Removable Storage Repository.
Note
- 1. During export, invalid UDiskID entries and all registered information are included, but unregistered devices are not exported.
- 2. If the identification rules are set to "Use Volume Serial Number Only", import and export operations are disabled.
Don't see what you're looking for?
