USB was and still is the #1 maintenance tool for critical systems - whether they are air-gapped legacy systems or new connected ICS systems. Protecting those system from USB-Borne threats is still patchy. You can force maintenance personal to scan their USB storage devices on the shop-floor. But this might take a long time - up to hours on today's modern 8GB+ USB devices. Even worse - if you want to enforce that only scanned USB storage devices may be plugged into critical systems you have to run an enforcement agent on the very systems you try to protect. With all consequences of installing third-party, non-supported software on that system.

insasec provides a different solution. We provide a smart hardware based solution which is totally transparent to the system. Every USB device plugged in is transparently scanned and filtered. Only those files which are either "clean" and/or allowed by your policy are visible to the system. Even files written to the USB device from the system are subject to this policy - thus preventing the exfiltration of sensitive recipes, configuration information and data in general from the system.