Skip to main content

How to create a USB Drop simulation campaign

  • Updated

This article explains how to schedule a USB Drop simulation campaign in SMARTFENSE, detailing each available configuration field and the information the campaign collects.

What is a USB Drop simulation campaign?

USB Drop campaigns measure user behavior when they find a USB drive that does not belong to them. With this type of simulation it is possible to know:

  • Whether the user opens the files contained in the USB drive.
  • Whether the user enables the Macros of the opened files.

USB Drop campaigns do not require user selection. They are campaigns that collect information based on the actions users take with the contents of the USB device they find.

Create the campaign

  1. From the main menu, go to Campaigns > Calendar.
  2. Click the New campaign button.
  3. Select USB Drop.

Campaign configuration

Start date

Date on which the campaign begins to collect statistics about user interaction.

Starting from the Start date, you will only be able to modify the Expiration date of the campaign while it is in progress. This action can be performed from the Calendar or Campaigns list. To do so, locate the campaign you want to edit and go to View campaign details > Information and actions.

Expiration date

Date on which the campaign stops collecting statistics.

Campaign details

  • Name: identifies the campaign within the platform.
  • Description: displayed on the calendar when hovering over the campaign.
  • Test campaign: if you enable this option, the campaign runs without affecting reports or generating records in the user or campaign audit.

Files

In this section you can download the files that will be used in the simulation campaign. You can download as many files as you want and save them on multiple USB drives. You can also edit the file names and set them to whatever you want.

It is not recommended to change the extension of the downloaded files.

Every time a user opens a file between the selected Start date and Expiration date, a record will be generated in the campaign Audit.

The device from which the user opens the file must be able to reach the SMARTFENSE servers. Specifically, it must be able to connect without issues to the URL https://yourdomain.takesecurity.com/api/campaigns/usb-drop/report/. If this connection is not possible, no audit record will be generated when the user opens the file.

Using USB drives formatted in FAT32 will prevent your users from seeing some Microsoft Office suite warnings, which will improve statistics collection.

Location

Optional field that allows specifying where the simulation USB drives will be placed. Its use makes operational tracking and later analysis of the results in the Audit easier.

Indicators collected by the campaign

Each user interaction with the files on the USB device is recorded in the campaign Audit. The records allow you to analyze:

  • File opening: the user opened one of the files contained in the USB drive.
  • Macros activation: the user enabled the Macros of an opened file.

馃挕 Best practices

  • Verify connectivity from target devices to the indicated URL before starting the campaign to ensure records reach the Audit.
  • Use USB drives formatted in FAT32 to reduce Microsoft Office warnings and improve the quality of statistics collection.
  • Keep the original extension of the downloaded files to avoid unexpected behavior in the simulation.
  • Complete the Location field to facilitate operational tracking and later analysis of the results.

Related to

Related articles