Organizations are increasingly allowing employees to bring and use their own devices (such as smartphones and portable storage devices) in the workplace. While the use of such devices may empower employees, organizations must work to ensure that proper data loss prevention systems are in place to prevent sensitive data from leaking, either inadvertently or maliciously, via these devices.
Smart devices and other portable storage devices typically connect to and transfer data to/from endpoint computing systems using either mass-storage or closed-storage protocols. When a portable device connects to an endpoint computing system using a mass-storage protocol (such as the Mass Storage Class (MSC) protocol), the endpoint generally assumes absolute control over storage on the portable device, treating it as a block-level device. In this scenario, data loss prevention software installed on the endpoint may effectively monitor and apply data loss prevention policies to data that is copied from the endpoint to the portable device by intercepting file system activity involving that device.
However, when a portable storage device connects to an endpoint computing system using a closed-storage protocol, such as Media Transfer Protocol (MTP) or Picture Transfer Protocol (PTP), the actual file system and storage are implemented by the portable device itself, not the endpoint. Unfortunately, because the file system and storage on such portable devices are not managed by the endpoint, conventional data loss prevention software on the endpoint may be unable to effectively monitor and apply data loss prevention policies to data copied to these portable devices.
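As an added illustration (not part of the original disclosure), the Python example below shows how an endpoint agent could tell the two connection models apart from a device's USB configuration descriptor: interface class 0x08 is Mass Storage, while class 0x06 / subclass 0x01 / protocol 0x01 is the Still Image class used by PTP and commonly by MTP. The sample descriptors are constructed, the function names are hypothetical, and MTP devices that enumerate under a vendor-specific class are not recognized by this check.

```python
import struct

DT_INTERFACE = 0x04        # USB interface descriptor type
CLASS_STILL_IMAGE = 0x06   # PTP; MTP devices commonly enumerate here too
CLASS_MASS_STORAGE = 0x08  # MSC


def interfaces(config_desc: bytes):
    """Yield (class, subclass, protocol) for each interface descriptor."""
    pos = 0
    while pos < len(config_desc):
        length = config_desc[pos]  # bLength covers the whole descriptor
        if length < 2 or pos + length > len(config_desc):
            raise ValueError(f"malformed descriptor at offset {pos}")
        if config_desc[pos + 1] == DT_INTERFACE and length >= 9:
            yield tuple(config_desc[pos + 5:pos + 8])
        pos += length


def storage_model(config_desc: bytes) -> str:
    """Classify a device by the storage protocol its interfaces expose."""
    found = set()
    for cls, sub, proto in interfaces(config_desc):
        if cls == CLASS_MASS_STORAGE:
            found.add("mass-storage")
        elif (cls, sub, proto) == (CLASS_STILL_IMAGE, 0x01, 0x01):
            found.add("closed-storage")
    # A closed-storage interface wins: file system interception on the
    # endpoint would not see transfers made through it.
    if "closed-storage" in found:
        return "closed-storage"
    return "mass-storage" if found else "other"


def sample_config(cls: int, sub: int, proto: int) -> bytes:
    """Constructed descriptor set: config + one interface + one endpoint."""
    iface = bytes([9, DT_INTERFACE, 0, 0, 1, cls, sub, proto, 0])
    endpoint = bytes([7, 0x05, 0x81, 0x02, 0x00, 0x02, 0])  # bulk IN, 512 B
    body = iface + endpoint
    return struct.pack("<BBHBBBBB", 9, 0x02, 9 + len(body), 1, 1, 0, 0x80, 50) + body


SAMPLE_MSC = sample_config(0x08, 0x06, 0x50)  # SCSI transparent, bulk-only
SAMPLE_PTP = sample_config(0x06, 0x01, 0x01)  # still image capture, PTP

if __name__ == "__main__":
    for name, desc in (("MSC", SAMPLE_MSC), ("PTP", SAMPLE_PTP)):
        print(name, "->", storage_model(desc))
```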
Some data loss prevention systems attempt to address this problem by prohibiting the use of such devices and/or by allowing the use of such devices on a per-user basis. While denying user access to smartphones and other portable devices may effectively prevent data leaks via such devices, this may also hamper the legitimate or harmless use of such devices, potentially frustrating employees and organizations.
As such, the instant disclosure identifies and addresses a need for a more efficient and effective mechanism for applying data loss prevention policies to closed-storage portable devices.