Systems and methods for applying data loss prevention policies to closed-storage portable devices
First Claim
1. A computer-implemented method for applying data loss prevention policies to closed-storage portable devices, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- injecting, into at least one application process running on the computing device, a data loss prevention component that monitors Application Programming Interface (API) calls used by the application process;
intercepting, via the data loss prevention component that monitors API calls used by the application process, an attempt by the application process to transfer a file by calling an API that facilitates transferring the file from the computing device to a closed-storage portable device that is connected to the computing device via a closed-storage protocol, wherein the closed-storage portable device contains an internally managed file system that is not accessible to the computing device;
identifying a data loss prevention policy that applies to the attempt by the application process to transfer the file;
determining that the attempt by the application process to transfer the file violates the data loss prevention policy;
performing a security action in response to determining that the attempt by the application process to transfer the file violates the data loss prevention policy.
2 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method for applying data loss prevention policies to closed-storage portable devices may include (1) injecting a data loss prevention component into at least one application process that is running on a computing device, (2) intercepting, via the data loss prevention component, an attempt by the application process to transfer a file to a closed-storage portable device that is connected to the computing device, (3) identifying a data loss prevention policy that applies to the attempt by the application process to transfer the file, (4) determining that the attempt by the application process to transfer the file violates the data loss prevention policy, and (5) performing a security action in response to determining that the attempt by the application process to transfer the file violates the data loss prevention policy. Various other methods, systems, and computer-readable media are also disclosed.
-
Citations
20 Claims
-
1. A computer-implemented method for applying data loss prevention policies to closed-storage portable devices, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
injecting, into at least one application process running on the computing device, a data loss prevention component that monitors Application Programming Interface (API) calls used by the application process; intercepting, via the data loss prevention component that monitors API calls used by the application process, an attempt by the application process to transfer a file by calling an API that facilitates transferring the file from the computing device to a closed-storage portable device that is connected to the computing device via a closed-storage protocol, wherein the closed-storage portable device contains an internally managed file system that is not accessible to the computing device; identifying a data loss prevention policy that applies to the attempt by the application process to transfer the file; determining that the attempt by the application process to transfer the file violates the data loss prevention policy; performing a security action in response to determining that the attempt by the application process to transfer the file violates the data loss prevention policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for applying data loss prevention policies to closed-storage portable devices, the system comprising:
-
an injection module, stored in memory, that injects, into at least one application process running on a computing device, a data loss prevention component that monitors API calls used by the application process; an interception module, stored in memory, that intercepts, via the data loss prevention component that monitors API calls used by the application process, an attempt by the application process to transfer a file by calling an API that facilitates transferring the file from the computing device to a closed-storage portable device that is connected to the computing device via a closed-storage protocol, wherein the closed-storage portable device contains an internally managed file system that is not accessible to the computing device; an identification module, stored in memory, that identifies a data loss prevention policy that applies to the attempt by the application process to transfer the file; a determination module, stored in memory, that determines that the attempt by the application process to transfer the file violates the data loss prevention policy; a security module, stored in memory, that performs a security action in response to determining that the attempt by the application process to transfer the file violates the data loss prevention policy; at least one processor configured to execute the injection module, the interception module, the identification module, the determination module, and the security module. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer-readable-storage medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
inject, into at least one application process that is running on the computing device, a data loss prevention component that monitors API calls used by the application process; intercept, via the data loss prevention component that monitors the API calls used by the application process, an attempt by the application process to transfer a file by calling an API that facilitates transferring the file from the computing device to a closed-storage portable device that is connected to the computing device via a closed-storage protocol, wherein the closed-storage portable device contains an internally managed file system that is not accessible to the computing device; identify a data loss prevention policy that applies to the attempt by the application process to transfer the file; determines that the attempt by the application process to transfer the file violates the data loss prevention policy; perform a security action in response to determining that the attempt by the application process to transfer the file violates the data loss prevention policy. - View Dependent Claims (20)
-
Specification