Systems and methods for preventing data loss on external devices
First Claim
Patent Images
1. A computer-implemented method for preventing data loss on external devices, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- identifying an external device;
intercepting a write attempt to a file on the external device;
creating a sandbox version of the file;
redirecting the intercepted write attempt from the file to the sandbox version of the file;
analyzing the sandbox version of the file for potential data-loss violations and then either;
determining, based on the analysis of the sandbox version of the file that a data-loss violation has not occurred and then copying the sandbox version of the file to the file on the external device ordetecting, based on the analysis of the sandbox version of the file, a data-loss violation and then deleting the sandbox version of the file.
2 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method for data loss prevention may include: 1) indentifying an external device, 2) intercepting a write attempt to a file on the external device, 3) creating a sandbox version of the file, 4) performing the write attempt on the sandbox version of the file, and then 5) analyzing the sandbox version of the file for potential data-loss violations. Various other methods, systems, and computer-readable media are also disclosed.
-
Citations
16 Claims
-
1. A computer-implemented method for preventing data loss on external devices, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
identifying an external device; intercepting a write attempt to a file on the external device; creating a sandbox version of the file; redirecting the intercepted write attempt from the file to the sandbox version of the file; analyzing the sandbox version of the file for potential data-loss violations and then either; determining, based on the analysis of the sandbox version of the file that a data-loss violation has not occurred and then copying the sandbox version of the file to the file on the external device or detecting, based on the analysis of the sandbox version of the file, a data-loss violation and then deleting the sandbox version of the file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for preventing data loss on external devices, the system comprising:
-
an identification module programmed to identify an external device; an interception module programmed to intercept a write attempt to a file on the external device; a sandbox module programmed to; create a sandbox version of the file; redirect the intercepted write attempt from the file to the sandbox version of the file; an analysis module programmed to analyze the sandbox version of the file for potential data-loss violations and then either; determine, based on the analysis of the sandbox version of the file that a data-less violation has not occurred and then copying the sandbox version of the file to the file on the external device or detect, based on the analysis of the sandbox version of the file, a data-loss violation and then deleting the sandbox version of the file; at least one processor configured to execute the identification module, the interception module, the sandbox module, and the analysis module. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A computer-readable-storage medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
identify an external device; intercept a write attempt to a file on the external device; create a sandbox version of the file; redirect the intercepted write attempt from the file to the sandbox version of the file; analyze the sandbox version of the file for potential data-loss violations and then either; determine, based on the analysis of the sandbox version of the file that a data-less violation has not occurred and then copying the sandbox version of the file to the file on the external device or detect, based on the analysis of the sandbox version of the file. a data-loss violation and then deleting the sandbox version of the file.
-
Specification