More Products

Request Form

Choose at least one option
This question is for testing whether you are a human visitor and to prevent automated spam submissions.

You are here

Home » Products » CTWO Products


Manufacturer : 


Powerful amplification of device security

Instantly gain complete and granular control over all of your secure USB drives. An automatic inventory is created, and administrators

SafeConsole USB Management icon

can quickly enforce organization-specific policies for passwords, usage and storage.

Stretch the possible uses of your devices

SafeConsole enables a host of productivity features for an organization’s secure USB flash drives. Gain access to lots of productivity tools, including portable application delivery and file distribution.


Manage devices anywhere

Your devices connect to SafeConsole over the Internet or the local area network to receive policy updates and file packages, and to post audit logs. Administrators can remotely terminate, clone or deactivate a device or help a user reset a forgotten password.


Quickly tailor the solution to the organizational requirements

Using the web-based interface in a standard browser, an administrator can create and assign a policy or feature setting to a specific organizational unit in the corporate directory. All features can be turned on or off and configured granularly for each organizational unit.


Easy and rapid deployment

SafeConsole offers an easy and efficient roll-out scheme for larger organizations. Start with installing SafeConsole on your server and go on to deploying drives to users, and you will gain full management control from day one. Each unique device is registered to a specific user in SafeConsole and linked to the user in the corporate directory. The all-in-one installation has the power to serve large device deployments in the thousands. No extra licenses for databases or certificate management are needed, and the server requirements are low (4GB RAM; Windows or Linux).


Stay ahead with BlockMaster technology

SafeConsole is under constant development to stay ahead of emerging security threats and new business needs. BlockMaster developed SafeConsole to be not only a security product but also a product that enables new ways of working, with great usability and unique features. A current installation can normally be upgraded to a new feature edition at any point, without any interruption.


Provided with pre-certified portable software

SafeConsoleReady Applications are an assortment of portable software that works well running off SafeConsoleReady Devices and that have been pre-certified to make deployment quick and easy.

Remote Password Reset

A secure challenge-response procedure brings back the locked-down encrypted data and gets the user back to business in a matter of minutes.


Secure Content Delivery

SafeConsole enables files to be pushed out to remote SafeConsoleReady devices as soon as they are unlocked. All sensitive data is exchanged securely using two way certificate based SSL authentication making Publisher an ideal way of distributing sensitive materials to a remote workforce.


BackUp and Audit content

A lost drive or an inadvertently overwritten file would normally make you lose hours of work. In the event of a lost SafeConsoleReady device, an administrator can easily recreate the drive by sending its backup and settings to a new device.  Existing content can be recreated for auditing purposes.


Device Audit & File Audit Trail

Device auditing makes taking stock of the entire portfolio of SafeConsoleReady devices easy. The logs include unsuccessful unlocking attempts, device states and log-ins. This gives the administrator a full overview of all drives in use in the organization.

File Audit Trail is an extension of the Device Audit. It allows an administrator to see what files have been copied to or deleted from the devices, as well as a trail of the files that have had their names changed.


Device State Management

Destroy the encryption key on stolen drives, and the data is unreachable even if the thief has your password.

As an extra security precaution when drives are lost, or to protect your organization’s sensitive information from access by former employees, you can remotely ‘kill’ rogue drives and erase them of all data. In the Device Overview in SafeConsole, an authorized administrator can set the device state to ‘killed’, ‘disabled’ and ‘lost’.

Disabled devices can later be recovered with the Remote Password Reset-feature. Lost drives can be set to display a custom return-to-owner message. To lower support costs, lost drives are also automatically marked as ‘found’, if they are later inserted into the assigned user’s local machine. All actions are logged for audit purposes.

SafeConsole can also be set to handle the devices’ states entirely on autopilot. This will require the drives to return to base by connecting to the SafeConsole server within a configurable time period. Devices that have not returned are automatically regarded as ‘lost’. This means that an administrator can save time and costs associated with handling lost devices.


Password Policy

It is possible to configure multiple complex password policies within SafeConsole and assign them to different groups within the organization.


Write Protection

With Write Protection, users can set their drive in a read-only mode when unlocking it on non trusted machines and thereby gain protection from malware trying to infect the drive or its content. It is also possible for an administrator to enforce this protection when a user leaves the company network


Inactivity Lock

Preset (and override the users’ own settings for) the Inactivity Lock to lock down the secure USB drive after a configurable number of minutes. If a user forgets an unlocked drive in a computer, the drive will automatically lock down in accordance with the set policy.



File Restrictor

By taking a white-list approach to preventing storage of unauthorized file-types the FileRestrictor relieves the users from protecting their device. Rogue files can simply not reside on a SafeConsoleReady Device as it only allows storage of file-types specified by the administrator in the SafeConsole settings. The FileRestrictor complements the Authorized Autorun – the onboard autorun-protection that chokes self-copying viruses – by denying unauthorized autorun files from residing on the drive altogether.


Web Login

Combine two-factor authentication with a convenient shortcut for quick, easy and secure access to a web account. Web Log-in enables the administrator to connect a SafeConsoleReady device with a user’s web-based email account (or any other web log-in) and give direct access to the account through a shortcut displayed in the “Shortcuts” window.

System Requirements

2GB RAM on server. Windows or Linux. All other required software included.

Web browser to access the administrative interface. Internet Explorer 7+ , FireFox 1.5+ (PC, Mac), Safari 3+, Opera 9+ (PC, Mac), Chrome.


Supported Languages

English, French, German, Spanish, Polish.


Group Policies

Optionally reflect an existing Active Directory or other directory service. Assign configurations to Organizational Units by simple drag-and-drop.



Subscription license (yearly): SC-SL
Perpetual license (lifetime): SC-LL


Supported Devices


CTWO Products; SafeXs
CTWO Products; SafeXs FIPS


CMS Products; CE-Secure Vault (CE-S V)
CMS Products; CE-Secure Vault FIPS (CE-S V FIPS)


Giesecke & Devrient Secure Flash Solutions; SafeToGo
Giesecke & Devrient Secure Flash Solutions; SafeToGo FIPS
Giesecke & Devrient Secure Flash Solutions; Portable Security Token Enterprise Security (PST ES)
Giesecke & Devrient Secure Flash Solutions; Portable Security Token Identification (PST ID)


Giesecke & Devrient (G&D); StarSign Mobility Token XT (StarSign MT XT)


Kingston Digital; DataTraveler Vault Privacy - Managed (DTVP-M)
Kingston Digital; DataTraveler 4000 - Managed (DT4000-M)


BlockMaster; SafeStick
BlockMaster; SafeStick FIPS
BlockMaster; SafeStick SuperSonic


AutoSafe; CubeByte DataSafe